You are not logged in.

#1 2020-12-19 05:41:26

xaix1999
Member
Registered: 2019-03-07
Posts: 3

Stacked dm-crypt plain (2x plain with root on 2nd mapper)

this started out as an experiment with a virtualbox vm, and has taken about 2 whole shifts at work and havent been able to boot
unless i cryptsetup open via arch-iso and arch-chroot im not able to access the root partition
cryptsetup -v open /dev/sdx2 crypt --type plain
cryptsetup -v open /dev/mapper/crypt crypt2 --type plain
mount /dev/mapper/crypt2 /mnt
mount /dev/sdx1 /mnt/boot (efi install plaintext vfat)
arch-chroot /mnt
from here im able to access installed root partition

ive tried to use sd-encrypt to open both, as i thought thats what you use it for, 2 encrypted partitions to open but during boot it only asks for crypt's password
ive also created /etc/crypttab.initramfs with crypt and crypt2 's setup to try and use x-initrd.attach to mount and keep mounted

grub is not configured for cryptdevice so the root=UUID of root as im trying to keep the plaintext partition with out any spoilers of the crypted double containers
im sure there is something i must do to make this work
im really trying to keep any crypt associated information out of the plaintext boot partition except for the initramfs blob
please tell me the error in my ways (LOL) i mostly want to figure this out as i have a project in mind for it

Last edited by xaix1999 (2020-12-19 06:00:43)

Offline

#2 2020-12-19 10:26:27

frostschutz
Member
Registered: 2013-11-15
Posts: 1,049

Re: Stacked dm-crypt plain (2x plain with root on 2nd mapper)

this setup is very unusual (and technically incorrect)

even so, what does the crypttab look like then?

Offline

#3 2020-12-19 19:26:29

xaix1999
Member
Registered: 2019-03-07
Posts: 3

Re: Stacked dm-crypt plain (2x plain with root on 2nd mapper)

can you please elaborate on what is technically incorrect, i failed to read the context.

since the partuuid is not helpful (i believe untill after boot), i didnt use it
i want to use uuid but that is not helpful and all i got from sdx2 is a partuuid

i did a simple, cp /etc/crypttab /etc/crypttab.initramfs
crypt /dev/sdx2 none plain,verify,x-initrd.attach,tries=5
crypt2 /dev/mapper/crypt none plain,verify,x-initrd.attach,tries=5

Offline

Board footer

Powered by FluxBB