You are not logged in.

#1 2017-02-04 14:53:12

userak
Member
Registered: 2017-02-04
Posts: 38

Full Disk Encryption, arch booting to emergency mode

Hi ! Guys ...

This is the first time I'm using any linux, so please bear with me...
I have been reading about archlinux for a quite while, now that I have sufficient information, I am trying to setup archlinux on vmware workstation with full disk encryption (luks + dmcrypt). I have completed all the required steps but while booting, arch is dropping me to the emergency mode.

So my setup is as follows..

sda1    --> esp
sda2    --> boot (encrypted)
sda3    --> root (encrypted)
sda4    --> home (encrypted)
sda5    --> swap (encrypted)

blkid

/dev/sda1: UUID="9701-024F" TYPE="vfat" PARTLABEL="EFI System" PARTUUID="6900c8a8-138e-41a0-b643-52d6687d4a36"
/dev/sda2: UUID="b10e6560-99be-4032-8bca-985ef9001a0f" TYPE="crypto_LUKS" PARTLABEL="boot" PARTUUID="72025208-8cee-4290-af80-5d8c91907889"
/dev/sda3: UUID="a99042ca-a8f6-4f4b-98cc-74e16177c065" TYPE="crypto_LUKS" PARTLABEL="root" PARTUUID="5d26af63-851c-4d06-bfca-384362087e20"
/dev/sda4: UUID="1dbec147-6278-40d4-8653-326b9fb86893" TYPE="crypto_LUKS" PARTLABEL="Linux /home" PARTUUID="98b7f44c-5dc0-4063-8c1b-eb0914967f8c"
/dev/sda5: UUID="f7992eae-92fb-4157-b8bf-c17c11346544" TYPE="crypto_LUKS" PARTLABEL="Linux swap" PARTUUID="f70be2d2-14a8-49e6-8e85-b9f6c370fd64"
/dev/sr0: UUID="2016-12-01-16-53-09-00" LABEL="ARCH_201612" TYPE="iso9660" PTUUID="4032ce55" PTTYPE="dos"
/dev/loop0: TYPE="squashfs"
/dev/mapper/crypt_boot: UUID="b2bb9857-abf1-4ab9-a293-6552b5f8b8df" TYPE="ext4"
/dev/mapper/crypt_root: UUID="236e4027-f027-4dcb-89ee-29daccd967e7" TYPE="ext4"
/dev/mapper/crypt_home: UUID="eb971f42-212f-4464-8e11-620c5a3e741f" TYPE="ext4"
/dev/mapper/crypt_swap: UUID="a8cb0e3d-742d-4979-aaa0-d7f4896d0184" TYPE="swap"

/etc/fstab

# /dev/mapper/crypt_root
UUID=236e4027-f027-4dcb-89ee-29daccd967e7	/         	ext4      	rw,relatime,data=ordered	0 1

# /dev/mapper/crypt_boot
UUID=b2bb9857-abf1-4ab9-a293-6552b5f8b8df	/boot     	ext4      	rw,relatime,data=ordered	0 2

# /dev/sda1
UUID=9701-024F      	/boot/efi 	vfat      	rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro	0 2

# /dev/mapper/crypt_home
UUID=eb971f42-212f-4464-8e11-620c5a3e741f	/home     	ext4      	rw,relatime,data=ordered	0 2

# /dev/mapper/crypt_swap
UUID=a8cb0e3d-742d-4979-aaa0-d7f4896d0184	none      	swap      	defaults  	0 0

/etc/crypttab

# <name>       <device>                                     <password>              <options>
crypt_home	UUID=1dbec147-6278-40d4-8653-326b9fb86893   none luks
crypt_swap	UUID=f7992eae-92fb-4157-b8bf-c17c11346544   none luks
crypt_boot	UUID=b10e6560-99be-4032-8bca-985ef9001a0f   none luks

/etc/mkinitcpio.conf

MODULES=""
HOOKS="base systemd autodetect modconf block sd-encrypt filesystems keyboard fsck"

/etc/default/grub

GRUB_DEFAULT=0
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="Arch"
GRUB_CMDLINE_LINUX_DEFAULT="luks.uuid=a99042ca-a8f6-4f4b-98cc-74e16177c065 luks.name=a99042ca-a8f6-4f4b-98cc-74e16177c065=crypt_root quiet"
GRUB_CMDLINE_LINUX=""
GRUB_ENABLE_CRYPTODISK=y
GRUB_PRELOAD_MODULES="part_gpt part_msdos"
GRUB_TERMINAL_INPUT=console
GRUB_GFXMODE=auto
GRUB_GFXPAYLOAD_LINUX=keep
GRUB_DISABLE_RECOVERY=true

swapon -s

Filename				Type		Size	Used	Priority
/dev/dm-3                              	partition	1045480	0	-1

The error I am getting
szkhgg.png



Here is a part of Boot Log (Pastebin)


x---------------------------------------------------------------------------------------x
After booting in emergency mode and listing the content of /dev/mapper, I find the "crypt_root" and "home" enteries there, no "crypt_boot" and "crypt_swap".
Also why sda3(home partition) is mapped as "home" and not "crypt_home" even though the <name> field in "crypttab" file is "crypt_home".

Last edited by userak (2017-02-04 17:54:13)


A newbie archlinux user ...

Offline

#2 2017-02-06 19:07:39

userak
Member
Registered: 2017-02-04
Posts: 38

Re: Full Disk Encryption, arch booting to emergency mode

After a lots trial and error.. I finally managed to boot into archlinux..

What I did is commented out all the enteries in  "/etc/crypttab" file  and added all those enteries to the "GRUB_CMDLINE_LINUX_DEFAULT" parameter of the "/etc/default/grub" file as follows.

/etc/default/grub

GRUB_CMDLINE_LINUX_DEFAULT="luks.uuid=a99042ca-a8f6-4f4b-98cc-74e16177c065 luks.name=a99042ca-a8f6-4f4b-98cc-74e16177c065=crypt_root
luks.uuid=b10e6560-99be-4032-8bca-985ef9001a0f luks.name=b10e6560-99be-4032-8bca-985ef9001a0f=crypt_boot luks.uuid=1dbec147-6278-40d4-8653-326b9fb86893 luks.name=1dbec147-6278-40d4-8653-326b9fb86893=crypt_home luks.uuid=f7992eae-92fb-4157-b8bf-c17c11346544 luks.name=f7992eae-92fb-4157-b8bf-c17c11346544=crypt_swap quiet"

I am still getting the error "failed to activate swap partition" during boot.

Why  crypttab  file doesn't seems to be working ? What is wrong with the configuration  ?  Please guys  help me with this .

Last edited by userak (2017-02-06 19:08:32)


A newbie archlinux user ...

Offline

#3 2017-02-10 22:54:02

piratebill
Member
From: Sol System
Registered: 2011-10-20
Posts: 113

Re: Full Disk Encryption, arch booting to emergency mode

This may or may not help, but I've never gotten crypttab to decrypt anything with a password. Only have had luck with key files, but maybe I'm doing something dumb.

Offline

#4 2017-02-18 09:06:09

userak
Member
Registered: 2017-02-04
Posts: 38

Re: Full Disk Encryption, arch booting to emergency mode

@piratebill  I tried doing it ... but no help


A newbie archlinux user ...

Offline

#5 2017-02-18 13:36:12

userak
Member
Registered: 2017-02-04
Posts: 38

Re: Full Disk Encryption, arch booting to emergency mode

Regarding the error related to swap partition not being mounted ...  From what I have read  systemd-boot  tries to automatically mount  a swap partition by recognising it type-code.  This behaviour can be changed by  issuing the following command.

systemctl mask dev-sda8.swap

*** Change the dev-sda8.swap  to appropriate partition in your case.

Above command will supress the automatic mounting of swap partition and entry from crypttab file will be used instead.

Last edited by userak (2017-02-18 13:38:11)


A newbie archlinux user ...

Offline

Board footer

Powered by FluxBB