You are not logged in.
Hello,
I am having problems getting sd-encrypt to ask me for a password to unlock the root partition. Using the ordinary encrypt hook - and efibootmgr - it works, but using sd-encrypt with systemd boot so far does not. Whatever I am trying, the boot process does not ask for a password and, depending on the configuration, just waits for /dev/mapper/root to appear, which of course does not happen, since it has not been unlocked.
I've tried all three. Putting:
rd.luks.name=77727d7b-7c49-443e-a92f-5e8f3d7dbedb=root /dev/mapper/root rw
In either /etc/cmdline.d/boot.conf or as options in /boot/loader/entries/arch.conf
as well as
root UUID=77727d7b-7c49-443e-a92f-5e8f3d7dbedb none
in
/etc/crypttab.initramfs.
Of course, mkinitcpio has been run after each change. The problem seems to be, that neither configuration gets actually put into the initramfs. At least not, if running strings against the decompressed uki. Neither returns strings any crypttab, not the uuid. That of course may be the limitation of strings.
luks of course is of type 2 and I have been following, amongst others, this guide:
https://wiki.archlinux.org/title/dm-cry … figuration
Thanks for any hints on what I may be missing or may ahve have overseen
Ede
Edit: using mkinitcpio -Pv (just discovered the verbose option) I can see, that either the cmdline.d/linux.conf or the /etc/crypttab are indeed getting added to the image. So my use of the strings command may have been wrong. However, that does not change, that I do not get any prompt for a password.
Last edited by EdeWolf (2023-11-07 14:48:52)
Offline
The problem was an error in the sd-boot configuration, that resulted in a failure and led the bios to trying to load the next (old) entry, that previously had been installed with efibootmgr (and had been configured with the plain ecrypt hook)
Offline