You are not logged in.

#1 2022-07-14 00:37:59

UnluckyNinja
Member
Registered: 2022-02-14
Posts: 13

[SOLVED] Cannot unlock LUKS drive after replacing GRUB

I am trying to replace GRUB with ZFSBootMenu and my disk is LUKS encrypted with a detached header. While I was using GRUB I had this configuration:

GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet"
GRUB_CMDLINE_LINUX="rd.luks.name=YYYYYYY-YYYYYYYYY-YYYYYYYYY=diskname rd.luks.key=YYYYYYY-YYYYYYYYY-YYYYYYYYY=/path/to/diskname.key rd.luks.name=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=anotherdisk rd.luks.options=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=header=/path/to/anotherdiskheader.img rd.luks.data=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=/dev/disk/by-id/ZZZZZ-ZZZZZZZ-ZZZZZZZ root=zfs:AUTO"

This would unlock diskname with a keyfile and prompt me to insert a password for anotherdisk and it was working with no issues with an initramfs generated by Dracut.

Then I replaced GRUB by ZFSBootMenu and added this to Kernel Commandline using ZFSBootMenu methods:

loglevel=3 quiet rd.luks.name=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=anotherdisk rd.luks.options=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=header=/path/to/anotherdiskheader.img rd.luks.data=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=/dev/disk/by-id/ZZZZZ-ZZZZZZZ-ZZZZZZZ rd.luks.key=XXXXXXXX-XXXXXXXXX-XXXXXXXXXX=/path/to/anotherdisk.key

Now I'm trying to unlock the disk with the detached header with a keyfile. The initramfs receives these parameters (I checked in dracut recovery shell), but it doesn't unlock the disk. I don't know why it happens. When using GRUB it works with a very similar setup.

Anyone has any idea why the initramfs is not unlocking the disks?

SOLVED:

It was dracut not adding the necessary modules for LUKS unlocking at boot.

Last edited by UnluckyNinja (2022-07-15 18:29:11)

Offline

Board footer

Powered by FluxBB