You are not logged in.

#1 2018-09-29 18:33:48

KairiTech
Member
From: Toronto, Canada
Registered: 2011-06-04
Posts: 234

encrypt hook - "Keyfile could not be opened. Reverting to passphrase."

I have been modifying my encrypt hook as indicated here, Modifying encrypt hook, for quite some time with no issues. However, over the last several weeks it can no longer find the keyfile specified in the kernel parameter below and I get the passphrase prompt.

cryptkey=UUID=D4C1-41C0:vfat:/boot/lxK/k_64SSDx3

However, when I force the ckeyfile variable to the same keyfile as below it works and there's no prompt.

run_hook() {
    modprobe -a -q dm-crypt >/dev/null 2>&1
    [ "${quiet}" = "y" ] && CSQUIET=">/dev/null"

    # Get keyfile if specified
    ckeyfile="/crypto_keyfile.bin"
    ckeyfile="/boot/lxK/k_HDD"
    if [ -n "$cryptkey" ]; then
        IFS=: read ckdev ckarg1 ckarg2 <<EOF
$cryptkey
EOF

For completeness here's the sylinux boot menu item (same thing happens if I go the UEFI route):

        MENU LABEL ]HDD 
        LINUX /EFI/HDD/vmlinuz-linux.efi
        APPEND root=/dev/mapper/HDD cryptdevice=/dev/md1:HDD:header cryptkey=UUID=D4C1-41C0:vfat:/boot/lxK/k_HDD init=/usr/lib/systemd/systemd pcie_aspm=force rootdelay=3 quiet loglevel=0 rd.udev.log-priority=3 
        INITRD /EFI/HDD/initramfs-linux.img

This is how I format the partition holding the keyfile:

mkfs.vfat -v -s2 -F32 -n lxK_boot /dev/sdf1

This confirms the UUID I specify in the krenel parameter:

/dev/sdf1: LABEL="lxK_boot" UUID="D4C1-41C0" TYPE="vfat" PARTLABEL="lxk_boot" PARTUUID="aa7281c7-a586-4eb6-abb4-a2e5146ad8b2"

I've been looking over my LUKS setup for a while now but just can't see anything that might explain this.

Am I missing something so bovious that I should go out and buy myself some brown paper bags?

Last edited by KairiTech (2018-09-30 03:54:03)


-=[ LIVE enabled UEFI with redundant syslinux pure systemd detached LUKS header partitionless encrypted GPT SSDx3 RAID0 because I can.  ]=-

Backward compatibility is for the masses. There's no dual-boot here...

Offline

#2 2018-10-11 23:07:56

jecki
Member
Registered: 2018-10-11
Posts: 1

Re: encrypt hook - "Keyfile could not be opened. Reverting to passphrase."

I had a very similar problem: A week or two ago, the system suddenly could not open the keyfile from my usb-stick any more. I was able to solve the problem by adding uas and usb_storage to MODULES in /etc/mkinitcpio.conf :

MODULES=(uas usb_storage ...)

Offline

#3 2018-10-14 04:03:03

nyn
Member
Registered: 2015-05-27
Posts: 10

Re: encrypt hook - "Keyfile could not be opened. Reverting to passphrase."

jecki wrote:

I had a very similar problem: A week or two ago, the system suddenly could not open the keyfile from my usb-stick any more. I was able to solve the problem by adding uas and usb_storage to MODULES in /etc/mkinitcpio.conf :

MODULES=(uas usb_storage ...)

Thank you very much. I encountered the same problem after updating my system yesterday and this fixed it.

Offline

Board footer

Powered by FluxBB