You are not logged in.
- Topics: Active | Unanswered
#1 2012-01-22 18:15:40
- r-dubz
- Member
- Registered: 2012-01-22
- Posts: 6
[SOLVED] Installing on an encrypted hard drive
Hi Folks,
Used to use Arch a while back - decided to give it a go again.
I've followed the wiki to try and get arch set up with an encrypted system partition. I partitioned the drives as follows:
boot /dev/sda1
swap /dev/sda2
root /dev/sda3I encrypted the drive like so:
cryptsetup -c aes-xts-plain -y -s 512 luksFormat /dev/sda3and left the swap partition for the time being, as there is info at the bottom regarding having swapspace with a random passphrase which I'll try setting up later. I'm just using a passphrase on the root partition as it looked simpler than setting up a keyfile.
I've run through the arch setup obviously selecting /dev/sda1 for the boot partition and /dev/mapper/root for the root partition. Added encrypt into the HOOKS line in /etc/mkinitcpio.conf as well as EXT4 into the modules line. Edited the grub.conf like so:
# (0) Arch Linux
title Arch Linux
root (hd0,0)
kernel /vmlinuz-linux cryptdevice=/dev/sda3:root root=/dev/mapper/root ro
initrd /initramfs-linux.imgthen rebooted.
I get
:: Running Hook [encrypt]
Waiting 10 seconds for device /dev/sda3 ...
:: Running Hook [udev]
:: Triggering uevents...done.
Waiting 10 seconds for device /dev/mapper/root ...
ERROR: Unable to find root device '/dev/mapper/root'.which kinda makes sense, as it's not asked for a passphrase so can't possibly be mounted.
Any ideas where this has gone wrong?
Thanks
Last edited by r-dubz (2012-01-22 20:58:36)
Offline
#2 2012-01-22 19:19:54
- /dev/zero
- Member
- From: Melbourne, Australia
- Registered: 2011-10-20
- Posts: 1,247
Re: [SOLVED] Installing on an encrypted hard drive
What's the structure of the logical volume you have sitting on top of sda3? I.e., what exact commands did you run, after encrypting the partition, to make the partition ready for installing on?
What's the exact HOOKS line in mkinitcpio.conf? Order matters.
Offline
#3 2012-01-22 19:38:13
- r-dubz
- Member
- Registered: 2012-01-22
- Posts: 6
Re: [SOLVED] Installing on an encrypted hard drive
Thanks for the reply.
I ran the
cryptsetup luksOpen /dev/sda3 rootcommand which creates the /dev/mapper/root device and then chose this device during the /arch/setup as opposed to /dev/sda3.
I put encrypt in the hooks like so:
HOOKS="base encrypt udev autodetect pata scsi sata filesystems"Cheers.
EDIT: Mistake in HOOKS line.
Last edited by r-dubz (2012-01-22 19:43:56)
Offline
#4 2012-01-22 19:42:15
- /dev/zero
- Member
- From: Melbourne, Australia
- Registered: 2011-10-20
- Posts: 1,247
Re: [SOLVED] Installing on an encrypted hard drive
Okay, usually people with LUKS also use LVM. I have LUKS sandwiched between two layers of LVM2 ;-) But I can't think of any reason off the top of my head why you can't just have LUKS by itself ...
I don't see any "encrypt" in your hooks line. I think it should go between "sata" and "filesystems".
Offline
#5 2012-01-22 19:44:47
- r-dubz
- Member
- Registered: 2012-01-22
- Posts: 6
Re: [SOLVED] Installing on an encrypted hard drive
Okay, usually people with LUKS also use LVM. I have LUKS sandwiched between two layers of LVM2 ;-) But I can't think of any reason off the top of my head why you can't just have LUKS by itself ...
I don't see any "encrypt" in your hooks line. I think it should go between "sata" and "filesystems".
I actually had it at the start after base (not sure why I chose there) but maybe moving it to where you suggested might help. I'll give that a go - cheers.
Offline
#6 2012-01-22 19:47:47
- /dev/zero
- Member
- From: Melbourne, Australia
- Registered: 2011-10-20
- Posts: 1,247
Re: [SOLVED] Installing on an encrypted hard drive
I actually had it at the start after base (not sure why I chose there) but maybe moving it to where you suggested might help. I'll give that a go - cheers.
Aha, I must be going blind 
Offline
#7 2012-01-22 20:56:09
- r-dubz
- Member
- Registered: 2012-01-22
- Posts: 6
Re: [SOLVED] Installing on an encrypted hard drive
r-dubz wrote:I actually had it at the start after base (not sure why I chose there) but maybe moving it to where you suggested might help. I'll give that a go - cheers.
Aha, I must be going blind
No I edited it but you were too fast. ;-)
That's working now - thanks very much. Makes sense for sata to be before encrypt - cheers!
Offline
#8 2012-01-22 20:57:21
- /dev/zero
- Member
- From: Melbourne, Australia
- Registered: 2011-10-20
- Posts: 1,247
Re: [SOLVED] Installing on an encrypted hard drive
Awesome! Glad to hear it worked. Please remember to mark the thread solved :-)
Offline