You are not logged in.

#1 2016-06-29 16:05:19

mxfm
Member
Registered: 2015-10-23
Posts: 141

[SOLVED] Unable to mount encrypted partitions on boot

Hi!

I use dm-crypt in plain mode to encrypt partitions, including root. I successfully dealed with decrypting root parition during boot, however I have problems with automatic mounting of other paritions via crypttab. During boot I enter passwords, dm-crypt maps partitions (i. e. Found device /dev/mapper/home -> Started Cryptography Setup  for device home ... OK ), but they are not usable (i. e. mount /dev/mappe/home /home - error, bad superblock ...). In order to fix it, I have to crypt-close partitions and reopen them manually. I suspect something is wrong with crypttab because I can decrypt and mount manually, but I don't understand what exactly wrong with crypttab is.

[likely incorrect] /etc/crypttab

home    PARTUUID=b50e820e-2305-48ce-afd3-9605c737d045   none    plain,hash=sha512,cipher=aes-xts-plain64,size=512
swap    PARTUUID=c2eb3313-9438-4ea3-82d4-19884cf0b93d   none    plain,hash=sha512,cipher=aes-xts-plain64,size=512
virt       PARTUUID=85f993b8-f6ee-4353-b4a5-2fab583efcb4   none    plain,hash=sha512,cipher=aes-xts-plain64,size=512

How I mount manually:

cryptsetup -h sha512 -c aes-xts-plain64 -s 512 open --type plain /dev/sdb6 /home (for example)

Logs show following relevant information:
[systemd-cryptsetup] Set cipher aes, mode xts-plain64 , key size 512 bits for device XXX
Crypt during boot misses sha512 option (why?),  it may be a problem.

P.S.
Moving hash option after cipher solved the problem.

Last edited by mxfm (2016-06-30 18:36:27)

Offline

Board footer

Powered by FluxBB