You are not logged in.
- Topics: Active | Unanswered
#1 2016-06-29 16:05:19
- mxfm
- Member
- Registered: 2015-10-23
- Posts: 163
[SOLVED] Unable to mount encrypted partitions on boot
Hi!
I use dm-crypt in plain mode to encrypt partitions, including root. I successfully dealed with decrypting root parition during boot, however I have problems with automatic mounting of other paritions via crypttab. During boot I enter passwords, dm-crypt maps partitions (i. e. Found device /dev/mapper/home -> Started Cryptography Setup for device home ... OK ), but they are not usable (i. e. mount /dev/mappe/home /home - error, bad superblock ...). In order to fix it, I have to crypt-close partitions and reopen them manually. I suspect something is wrong with crypttab because I can decrypt and mount manually, but I don't understand what exactly wrong with crypttab is.
[likely incorrect] /etc/crypttab
home PARTUUID=b50e820e-2305-48ce-afd3-9605c737d045 none plain,hash=sha512,cipher=aes-xts-plain64,size=512
swap PARTUUID=c2eb3313-9438-4ea3-82d4-19884cf0b93d none plain,hash=sha512,cipher=aes-xts-plain64,size=512
virt PARTUUID=85f993b8-f6ee-4353-b4a5-2fab583efcb4 none plain,hash=sha512,cipher=aes-xts-plain64,size=512
How I mount manually:
cryptsetup -h sha512 -c aes-xts-plain64 -s 512 open --type plain /dev/sdb6 /home (for example)
Logs show following relevant information:
[systemd-cryptsetup] Set cipher aes, mode xts-plain64 , key size 512 bits for device XXX
Crypt during boot misses sha512 option (why?), it may be a problem.
P.S.
Moving hash option after cipher solved the problem.
Last edited by mxfm (2016-06-30 18:36:27)
Offline