You are not logged in.

#1 2023-09-05 13:19:55

Tadhg
Member
From: Éire
Registered: 2023-01-19
Posts: 14

[SOLVED] BIOS Unable to boot from an encrypted drive.

Hello, a while back I followed this guide to install a system with an encrypted root partition and I ran into a weird issue that I've not seen anyone else mention, that is that, while I can't boot straight away, I can do so if I have a USB device that allows me to search for EFI partitions (there is such an option on the Artix ISO). Clearly my EFI partition works as expected but I can't get it to boot without a USB.

I just lived with it since then, assuming it to be a hardware issue, but today I tried installing on another device and I have the same issue, so I don't believe it's a hardware issue, the only thing the two devices have in common is that they both use UEFI. One of my devices uses Arch and the other Artix so I'm not sure what to make of this. Does anyone have any ideas on how to fix this? It's not life or death but needless to say it's quite annoying.

Last edited by Tadhg (2023-09-07 12:51:53)


Is fuath liom fuinneoga

Offline

#2 2023-09-05 15:30:09

ua4000
Member
Registered: 2015-10-14
Posts: 364

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

You won't like to hear it, but me and many others will not watch any random youtube video about encrypted system.
I can give you only this advise: read and follow the arch wiki : https://wiki.archlinux.org/title/Data-a … encryption
In case you have issues when following this guide, the chances are then much better to find help here.

Offline

#3 2023-09-05 16:56:21

Tadhg
Member
From: Éire
Registered: 2023-01-19
Posts: 14

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

ua4000 wrote:

You won't like to hear it, but me and many others will not watch any random youtube video about encrypted system.
I can give you only this advise: read and follow the arch wiki : https://wiki.archlinux.org/title/Data-a … encryption
In case you have issues when following this guide, the chances are then much better to find help here.

did not know that existed. will try it eventually


Is fuath liom fuinneoga

Offline

#4 2023-09-05 17:58:55

Tadhg
Member
From: Éire
Registered: 2023-01-19
Posts: 14

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

Tadhg wrote:
ua4000 wrote:

You won't like to hear it, but me and many others will not watch any random youtube video about encrypted system.
I can give you only this advise: read and follow the arch wiki : https://wiki.archlinux.org/title/Data-a … encryption
In case you have issues when following this guide, the chances are then much better to find help here.

did not know that existed. will try it eventually

Ok so I went through this guide on the wiki (which the video tutorial I linked is basically a rehash of) and I am having the exact same issue.


Is fuath liom fuinneoga

Offline

#5 2023-09-05 18:08:08

ua4000
Member
Registered: 2015-10-14
Posts: 364

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

ok, you use "LUKS on a partition".
How does your partition layout looks like, were is boot, root, efi ?

Offline

#6 2023-09-05 18:20:13

Tadhg
Member
From: Éire
Registered: 2023-01-19
Posts: 14

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

ua4000 wrote:

ok, you use "LUKS on a partition".
How does your partition layout looks like, were is boot, root, efi ?

$ lsblk
NAME            MAJ:MIN  RM   SIZE   RO  TYPE  MOUNTPOINTS
nvme0n1p1   259:1         0      512M  0     part      /mnt/boot
nvme0n1p2   259:2         0      8G    0     part      [SWAP]
nvme0n1p3   259:3         0      230G  0     part
--root      259:4         0      230G  0     crypt     /mnt

Is fuath liom fuinneoga

Offline

#7 2023-09-05 19:03:57

ua4000
Member
Registered: 2015-10-14
Posts: 364

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

and your fstab ?

Offline

#8 2023-09-05 19:10:21

Tadhg
Member
From: Éire
Registered: 2023-01-19
Posts: 14

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

ua4000 wrote:

and your fstab ?

$ genfstab /mnt 
/dev/mapper/root       /        ext4    rw,relatime                                                                                  0 1

/dev/nvme0n1p1         /boot    vfat    rw,relatime,fmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf9,errors-ermount-ro   0 2

/dev/nvme0n1p2         none     swap    defaults                                                                                     0 0

Is fuath liom fuinneoga

Offline

#9 2023-09-05 19:30:24

seth
Member
Registered: 2012-09-03
Posts: 45,112

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

systemd or udev hooks?
https://bbs.archlinux.org/viewtopic.php?id=286293 (can't personally say whether that's actually a real problem, but seems to affect several users at least)

Offline

#10 2023-09-05 19:33:23

Tadhg
Member
From: Éire
Registered: 2023-01-19
Posts: 14

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

seth wrote:

systemd or udev hooks?
https://bbs.archlinux.org/viewtopic.php?id=286293 (can't personally say whether that's actually a real problem, but seems to affect several users at least)

I tried both and neither work. Also the thread you linked is different. This guy is lucky since his bootloader will actually come up. My problem is that it doesn't unless prompted by another iso.


Is fuath liom fuinneoga

Offline

#11 2023-09-05 19:53:58

seth
Member
Registered: 2012-09-03
Posts: 45,112

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

In that case the root device encryption is a red herring, you fudged the installation of the bootloader and need to elaborate on that attempt.

Offline

#12 2023-09-06 11:20:53

ua4000
Member
Registered: 2015-10-14
Posts: 364

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

We need more details on the partition layout:
partition type, filesystems,
and as seth said on the bootloader.
Do you have en efi system partition ? correctly formated ? Bootlader installed on it ?

@Tadhg: To simply your problem: you could try a minimal arch test installation, without encryption. Do you have here the same issue?

Offline

#13 2023-09-06 11:45:06

diyfan
Member
Registered: 2022-04-05
Posts: 15

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

Which Bootloader are you using? Grub? EFIstub? Systemd Boot?

For grub:

 $ nano /etc/default/grub 

File: /etc/default/grub

GRUB_DEFAULT=0
GRUB_HIDDEN_TIMEOUT=0
GRUB_HIDDEN_TIMEOUT_QUIET=true
GRUB_TIMEOUT=10
GRUB_DISTRIBUTOR="Arch"
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
GRUB_CMDLINE_LINUX="cryptdevice=UUID={YOUR ROOT UUID i.e /dev/sda2,/dev/nvme0n1p2}:root root=/dev/mapper/root"

# Uncomment to enable BadRAM filtering, modify to suit your needs
# This works with Linux (no patch required) and with any kernel that obtains
# the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
#GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"

# Uncomment to disable graphical terminal (grub-pc only)
#GRUB_TERMINAL=console

# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command `vbeinfo'
#GRUB_GFXMODE=640x480

# Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
#GRUB_DISABLE_LINUX_UUID=true

# Uncomment to disable generation of recovery mode menu entries
#GRUB_DISABLE_RECOVERY="true"

# Uncomment to get a beep at grub start
#GRUB_INIT_TUNE="480 440 1"

replace {YOUR ROOT UUID i.e /dev/sda2,/dev/nvme0n1p2} with yours, to find it: run

 $ sudo blkid /dev/sda2 

Make sure to run this:

 sudo grub-mkconfig -o /boot/grub/grub.cfg 

if you don't know your partition, then do:

 $ sudo lsblk 

if you are on systemd-boot:

 $ sudo nano /boot/loader/entries/arch.conf 

File: /boot/loader/entries/arch.conf

 
title Arch Linux
initrd /intramfs-linux.img
linux /vmlinuz-linux
options cryptdevice=UUID={YOUR ROOT UUID i.e /dev/sda2,/dev/nvme0n1p2}:root root=/dev/mapper/root rw init=/sbin/init

efistub:

 $ sudo efibootmgr 
 $ efibootmgr -b **bootnum of the kernel** -B 
 $ sudo blkid /dev/sda2 > bootmgr.sh 
 $ chmod +x bootmgr.sh 
 $ nano bootmgr.sh 

File: ./bootmgr.sh

#! /bin/sh
efibootmgr --create --disk /dev/sda --part 1 --label "Arch Linux" --loader /vmlinuz-linux --unicode 'initrd=/initramfs-linux.img cryptdevice=UUID={YOUR UUID HERE}:root root=/dev/mapper/root rw init=/sbin/init'

# Partition number Must be the Partition number of the esp 
 sudo ./bootmgr.sh 

Last edited by diyfan (2023-09-06 11:54:26)

Offline

#14 2023-09-07 12:51:38

Tadhg
Member
From: Éire
Registered: 2023-01-19
Posts: 14

Re: [SOLVED] BIOS Unable to boot from an encrypted drive.

ua4000 wrote:

We need more details on the partition layout:
partition type, filesystems,
and as seth said on the bootloader.
Do you have en efi system partition ? correctly formated ? Bootlader installed on it ?

@Tadhg: To simply your problem: you could try a minimal arch test installation, without encryption. Do you have here the same issue?

I tried this, copying the guide word for word and it worked as expected, and it was then when I noticed what I was doing wrong. Turns out I was installing grub into the wrong folder by virtue of misremembering the steps from previous installations. Everything works now, thanks for the help everyone


Is fuath liom fuinneoga

Offline

Board footer

Powered by FluxBB