You are not logged in.

Pages: 1

#1 2024-08-22 21:28:34

scalc38
Member
Registered: 2024-08-22
Posts: 1

LUKS encrypted partition with LVM inside wont unlock, shows error

Hey all, when trying to unlock an encrypted LUKS partition with LVM inside, I am getting the following error message and am then put into the Grub rescue mode:

Enter passphrase for hd0,gpt2 (*UUID of /dev/sda2, the encrypted partition*):
error: Invalid passphrase.
error: no such cryptodisk found, perhaps a needed disk or cryptodisk module is not loaded.
error: disk 'lvmid/XXX-XXX-XXX-XXX' not found.
Entering rescue mode
grub rescue>

My setup is the following...
I partitioned my drive to two partitions:

  • EFI boot partition

  • Linux File System partition

First of all, I encrypted the large File System partition with LUKS and set up LVM inside:

cryptsetup luksFormat /dev/sda2
cryptsetup open /dev/sda2 cryptlvm

pvcreate /dev/mapper/cryptlvm
vgcreate vg0 /dev/mapper/cryptlvm
lvcreate -L 4G vg0 -n swap
lvcreate -l 100%FREE vg0 -n root

then the formatted and mounted:

mkfs.fat -F 32 /dev/sda1
mkfs.ext4 /dev/vg0/root
mkswap /dev/vg0/swap

mount /dev/vg0/root /mnt
mount --mkdir /dev/sda1 /mnt/boot/efi
swapon /dev/vg0/swap

I edited the mkinitcpio.conf file like this:

HOOKS=(base udev autodetect microcode modconf kms keyboard keymap consolefont block encrypt lvm2 filesystems fsck)

and edited the Grub config file like this:

GRUB_CMDLINE_LINUX="cryptdevice=UUID=*UUID of /dev/sda2*:cryptlvm root=/dev/vg0/root"
GRUB_ENABLE_CRYPTODISK=y

and installed Grub:

grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=GRUB
grub-mkconfig -o /boot/grub/grub.cfg



I have already tried changing

root=/dev/vg0/root

to

root=/dev/mapper/vg0-root

and reinstalled Grub to see if that changes anything, but no luck. I have also double checked that the UUID of /dev/sda2 is correct using

blkid /dev/sda2

and recreated mkinitcpio with

mkinitcpio -p

During the installation I followed the steps described here:
https://wiki.archlinux.org/title/Installation_guide
https://wiki.archlinux.org/title/Dm-cry … VM_on_LUKS
https://wiki.archlinux.org/title/Kernel_parameters

Offline

#2 2024-08-23 19:07:59

kermit63
Member
Registered: 2018-07-04
Posts: 370

Re: LUKS encrypted partition with LVM inside wont unlock, shows error

Your /boot is inside the root partition, which in turn was encrypted by default with argon2. GRUB has very limited support for that.

This is contrary to the diagram that came with the Dm-crypt link, where the /boot partition is unencrypted.

Never argue with an idiot, they will drag you down to their level and then beat you with experience.
It is better to light a candle than curse the darkness.
A journey of a thousand miles begins with a single step.

Offline

Pages: 1

Board footer

Powered by FluxBB