You are not logged in.
So I noticed this bug when trying to switch from busybox based initial ramdisk to systemd based initial ramdisk.
In case of sd-encrypt hook I noticed that default password retries is 3. (See tries= option) but in my case it allows only 2 tries and then fails. Anyone else noticed the same?
To check this manually I ran following command. Note the tries=N option at the end.
systemd-cryptsetup attach root /dev/disk/by-id/foo-part3 "" tries=3I kept providing wrong password.
Inspite of tries=3 (which is also default) it asked for password only twice.
So then I changed it to tries=4.
And this time it asked for password 3 times.
Overall systemd-cryptsetup asks for password one time less than what is specified in tries.
Then I tried with tries=1 and tries=2 and I noted that in case of tries=2 systemd-crypsetup automatically tries the password for second time. So effectively it always asks for password one time less than what is mentioned in tries=N option.
# systemd-cryptsetup attach root /dev/disk/by-id/foo-part3 "" tries=1
? Please enter passphrase for disk foo (root): •••••••••
Set cipher aes, mode xts-plain64, key size 512 bits for device /dev/disk/by-id/foo-part3.
Failed to activate with specified passphrase. (Passphrase incorrect?)
Too many attempts to activate; giving up.# systemd-cryptsetup attach root /dev/disk/by-id/foo-part3 "" tries=2
? Please enter passphrase for disk foo (root): •••••••••••
Set cipher aes, mode xts-plain64, key size 512 bits for device /dev/disk/by-id/foo-part3.
Failed to activate with specified passphrase. (Passphrase incorrect?)
Set cipher aes, mode xts-plain64, key size 512 bits for device /dev/disk/by-id/foo-part3.
Failed to activate with specified passphrase. (Passphrase incorrect?)
Too many attempts to activate; giving up.Notice how it tried one additional times on its own, without actually asking for password the second time.
This seems like a bug with systemd but before I file bug report with systemd guys, just wanted to confirm if it is the case with everyone using sd-encrypt / systemd-cryptsetup?
Thank you.
Last edited by amish (Yesterday 11:04:47)
Offline