You are not logged in.
- Topics: Active | Unanswered
#1 2022-07-14 00:37:59
- UnluckyNinja
- Member
- Registered: 2022-02-14
- Posts: 19
[SOLVED] Cannot unlock LUKS drive after replacing GRUB
I am trying to replace GRUB with ZFSBootMenu and my disk is LUKS encrypted with a detached header. While I was using GRUB I had this configuration:
GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet"
GRUB_CMDLINE_LINUX="rd.luks.name=YYYYYYY-YYYYYYYYY-YYYYYYYYY=diskname rd.luks.key=YYYYYYY-YYYYYYYYY-YYYYYYYYY=/path/to/diskname.key rd.luks.name=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=anotherdisk rd.luks.options=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=header=/path/to/anotherdiskheader.img rd.luks.data=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=/dev/disk/by-id/ZZZZZ-ZZZZZZZ-ZZZZZZZ root=zfs:AUTO"
This would unlock diskname with a keyfile and prompt me to insert a password for anotherdisk and it was working with no issues with an initramfs generated by Dracut.
Then I replaced GRUB by ZFSBootMenu and added this to Kernel Commandline using ZFSBootMenu methods:
loglevel=3 quiet rd.luks.name=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=anotherdisk rd.luks.options=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=header=/path/to/anotherdiskheader.img rd.luks.data=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=/dev/disk/by-id/ZZZZZ-ZZZZZZZ-ZZZZZZZ rd.luks.key=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=/path/to/anotherdisk.key
Now I'm trying to unlock the disk with the detached header with a keyfile. The initramfs receives these parameters (I checked in dracut recovery shell), but it doesn't unlock the disk. I don't know why it happens. When using GRUB it works with a very similar setup.
Anyone has any idea why the initramfs is not unlocking the disks?
SOLVED:
It was dracut not adding the necessary modules for LUKS unlocking at boot.
Last edited by UnluckyNinja (2022-07-15 18:29:11)
Offline