#1 Today 00:40:30

ohdonjohnson
Member
Registered: 2024-12-02
Posts: 6

Update to 8.6 USB Unlock Section of Encrypting an Entire System

Steps 8.1 through 8.5 of the Encrypting an entire system wiki work just fine. I believe there are missing steps for 8.6, namely:

Adding some search modules to the grub-mkimage command (and updating luks to luks2):

 grub-mkimage -p /boot/grub -O x86_64-efi -c /boot/grub/grub-pre.cfg -o /tmp/grubx64.efi part_gpt part_msdos luks2 cryptodisk gcry_rijndael gcry_sha256 lvm ext2 exfat fat ntfs search search_fs_file search_fs_uuid search_label 

Updating the grub-pre.cfg file to search for the key_disk (and changing the root variable):

set crypto_uuid=UUID-of-the-LUKS-Volume
set keydisk=USB-partition-as-it-appears-in-GRUB (example: hd0,gpt1)
set keyUUID=UUID-of-the-USB-Partition
search --set keydev --hint $keydisk --fs-uuid $keyUUID
cryptomount -u $crypto_uuid -k ($keydev)/the-location-of-the-key-on-your-usb
set root=lvm/MyVolGroup
set prefix=($root)/boot/grub
insmod normal
normal

When creating the key slot for the USB keyfile, it states to create it the same way as step 8.5. However, the --pbkdf pbkdf2 option needs to be enabled. It's also unclear from this guide if all steps need to be repeated from step 8.5 (including the mkinitcpio FILES and MODULES changes and the /etc/default/grub changes for busybox systems), or just the keyfile creation step. I suggest that this step be more verbose instead of saying 'just do step 8.5'.

Reference issue: https://bbs.archlinux.org/viewtopic.php?id=301453
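
A check related to the `--pbkdf pbkdf2` point in the post above, as an added example that is not part of the original post or the wiki: it reads `cryptsetup luksDump` output and lists the key slots whose PBKDF is not pbkdf2. The function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the post): report LUKS2 key slots whose PBKDF is
# not pbkdf2, so the slot meant for the GRUB keyfile can be checked.

# Reads `cryptsetup luksDump <device>` text on stdin and prints one
# "slot:pbkdf" line per key slot that does not use pbkdf2.
non_pbkdf2_slots() {
    awk '
        /^Keyslots:/ { in_slots = 1; next }   # start of the key slot section
        /^[A-Za-z]/  { in_slots = 0 }         # any other top-level section
        in_slots && /^[ \t]+[0-9]+: / { slot = $1; sub(/:/, "", slot) }
        in_slots && $1 == "PBKDF:" && $2 != "pbkdf2" { print slot ":" $2 }
    '
}

# Constructed sample in luksDump layout (abridged; not from a real device).
sample_dump() {
    cat <<'EOF'
LUKS header information
Version:        2
Keyslots:
  0: luks2
        Key:        512 bits
        PBKDF:      argon2id
        Time cost:  4
  1: luks2
        Key:        512 bits
        PBKDF:      pbkdf2
        Hash:       sha256
Tokens:
Digests:
  0: pbkdf2
        Hash:       sha256
EOF
}

# Demo on the sample; on a real system pipe in: cryptsetup luksDump <device>
bad=$(sample_dump | non_pbkdf2_slots)
if [ -n "$bad" ]; then
    echo "key slots not using pbkdf2: $bad"
else
    echo "all key slots use pbkdf2"
fi
```

In the sample, slot 0 (argon2id) is reported and slot 1 (pbkdf2) is not; the `Digests` section is skipped so its `pbkdf2` entries are not mistaken for key slots.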
