You are not logged in.
- Topics: Active | Unanswered
#1 2026-02-21 03:11:43
- arch-router
- Member
- Registered: 2026-02-17
- Posts: 6
[Solved] Installing arch with luks, timesout not prompting for pw
I am installing a fresh arch and having difficulty booting arch to a prompt to decrypt the drive. it just times out on cryproot and fails, no prompt. there are usb address errors that appears like that's where it's looking for the keys to decrypt, but no config i can find is leading it there. i want to type in the passphrase each time i boot. I followed the instructions as best as i understand them.
intended setup:
* encrypted root
* encrypted swap
* type luks pw on boot
* systemd-boot
problems:
* bootup tries to decrypt swap first, not root
* bootup times out not asking for luks pw
here are my drives:
NAME FSTYPE FSVER LAEL UUID FSAVAIL FSUSE% MOUNTPOINTS
loop0 squashfs 0 100% /run/archiso/airootfs
sba
sba1 ext4 1.0 USBPNY1TVAULT <uuid>
sbd iso9660 joliet extension arch_202602 <uuid>
sbd1 iso9660 joliet extension arch_202602 <uuid>
sbd2 vfat FAT32 ARCHISO_EFI <uuid>
sdc
sdc1 exfat 1.0 USB322FD <uuid>
nvme1n1 crypto_LUKS 2 <uuid>
nvme0n1
nvme0n1p1 vfat FAT32 061D<uuid> 646.6M 68% /mnt/boot
nvme0n1p2 crypto_LUKS2 2 1e7b<uuid>
cryptswap swap 1 swap 03bb<uuid> [SWAP]
nvme0n1p3 crypto_LUKS2 2 ade5<uuid>
cryptroot ext4 1.0 root 9f99<uuid> 805.8G 0% /mnthere are my install commands run:
lsblk -o NAME,SIZE,TYPE,FSTYPE,PARTLABEL
lsblk -fgdisk /dev/nvme0n1:
: o # create new GPT
: n; <default>; <default>; +2G; ef00
: n; <default>; <default>; +64G; 8200
: n; <default>; <default>; <default>; 8300
: p
: w; ycryptsetup luksFormat --type luks2 /dev/nvme0n1p2
cryptsetup open /dev/nvme0n1p2 cryptswap
cryptsetup luksFormat --type luks2 /dev/nvme0n1p3
cryptsetup open /dev/nvme0n1p3 cryptroot
mkfs.fat -F32 /dev/nvme0n1p1
mkfs.ext4 -L root /dev/mapper/cryptroot
mkswap -L swap /dev/mapper/cryptswap
mount /dev/mapper/cryptroot /mnt
mount --mkdir /dev/nvme0n1p1 /mnt/boot
swapon /dev/mapper/cryptswap
mkdir -p /mnt/etc/pacman.d/gnupg
chmod -R 700 /mnt/etc/pacman.d/gnupg
pacstrap -K /mnt base linux linux-firmwarehere are the known files that appear relavent:
/mnt/boot/loader/loader.conf
default arch.conf
timeout 5
console-mode max
editor nohttps://wiki.archlinux.org/title/Dm-cry … n#cryptkey
~ If a passphrase is to be used, the cryptkey= parameter does not need to be specified manually. You will then be prompted to enter the passphrase upon boot.
~ cryptkey is missing, yet i am not prompted for a passphrase
/mnt/boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options root=/dev/mapper/cryptroot rw cryptdevice=ade5<uuid>:cryptroothttps://wiki.archlinux.org/title/Dm-cry … _boot_time
/mnt/etc/crypttab
cryptroot UUID=ade5<uuid> none timeout=180
cryptswap UUID=1e7b<uuid> none timeout=180https://wiki.archlinux.org/title/Dm-cry … mkinitcpio
/mnt/etc/mkinitcpio.conf
MODULES=()
BINARIES=()
FILES=()
HOOKS=(base systemd autodetect microcode modconf kms keyboard keymap sd-vconsole block sd-encrypt filesystems fsck)/mnt/etc/fstab
UUID=99f9<uuid> / ext4 rw,relatime 0 1
UUID=061d-9faa /boot vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 2
UUID=03bb<uuid> none swap default 0 0performed "arch-chroot /mnt mkinitcpio -P" after every change
bootup messages
~ it's trying to decrypt swap instead of root, but if i remove swap, the same messages show when trying to open root. intent is to open both, root first, and prompt for the pw.
------------------------
[ 4.489] usb 1-5.3: device not accepting address 8, error -71
[* ] A start job is running for /dev/mapper/cryptswap (2s / 1min 30s)
[ 5.065] usb 1-5.3: device not accepting address 9, error -71
[ **] A start job is running for /dev/mapper/cryptswap (14s / 1min 30s)
[ ***] A start job is running for /dev/mapper/cryptswap (29s / 1min 30s)
[ *] A start job is running for /dev/mapper/cryptswap (45s / 1min 30s)
[ *** ] A start job is running for /dev/mapper/cryptswap (1min 1s / 1min 30s)
[ *] A start job is running for /dev/mapper/cryptswap (1min 13s / 1min 30s)
[** ] A start job is running for /dev/mapper/cryptswap (1min 24s / 1min 30s)
[ 87.33] usb 1-5.3: device not accepting address 5, error -62
[ TIME ] Timed out waiting for device /dev/mapper/cryptswap.
[DEPEND] Dependency failed for Initrd Root Device.
[DEPEND] Dependency failed for /sysroot.
[DEPEND] Dependency failed for Initrd Root File System.
[DEPEND] Dependency failed for File System Check on /dev/mapper/cryptswap.if there are any typoes, it may not be real as this is not a copy/paste extract, but i can verify.
i feel like i am missing a category of steps, but cannot find where.
i installed arch as my router without luks and it worked so i think i have something misconfigured there, but cannot find what.
Last edited by arch-router (2026-02-24 16:19:06)
Offline
#2 2026-02-21 06:40:08
- jonno2002
- Member
- Registered: 2016-11-21
- Posts: 848
Re: [Solved] Installing arch with luks, timesout not prompting for pw
that wiki page is a bit vague on what commands to use for systemd and busybox initramfs, i prefer this page:
https://wiki.archlinux.org/title/Dm-cry … t_loader_2
you need to replace "cryptdevice=" with "rd.luks.name=":
/mnt/boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options root=/dev/mapper/cryptroot rw rd.luks.name=ade5<uuid>:cryptrootOffline
#3 2026-02-21 23:09:34
- arch-router
- Member
- Registered: 2026-02-17
- Posts: 6
Re: [Solved] Installing arch with luks, timesout not prompting for pw
i made the change, and ran mkinitcpio -P. it made no difference, and there was no change in bootup
is this bug resurfacing?
https://bugs.archlinux.org/task/54825
just like the comments, mine won't reach the emergency shell either.
Offline
#4 2026-02-22 02:42:52
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 13,694
Re: [Solved] Installing arch with luks, timesout not prompting for pw
No.
Post your new bootloader config. Are you retyping all of these things and that's why the UUIDs are shortened? If not, why?
Offline
#5 2026-02-22 05:42:59
- arch-router
- Member
- Registered: 2026-02-17
- Posts: 6
Re: [Solved] Installing arch with luks, timesout not prompting for pw
i have to type on my laptop what i see on the target pc, no way to copy/paste, and typing out that whole post took forever, so i shortened the uuids enough to still make out what is mapped where.
i restarted the whole install after recreating the live usb because the bootup keeps timing out looking for an address on a usb, and i get a warning about firmware missing for module qat_6xxx (relating to sd-encrypt) during mkinitcpio -P, so i thought something was corrupted. since its now a new install, all the uuids changed, and all the issues persisted anyway.
here is my new config, hope this is everything:
lsblk -f
NAME FSTYPE FSVER LAEL UUID FSAVAIL FSUSE% MOUNTPOINTS
loop0 squashfs 0 100% /run/archiso/airootfs
sba iso9660 joliet extension arch_202602 <uuid>
sba1 iso9660 joliet extension arch_202602 <uuid>
sba2 vfat FAT32 ARCHISO_EFI <uuid>
nvme1n1 crypto_LUKS 2 <uuid>
nvme0n1
nvme0n1p1 vfat FAT32 429b<uuid> 646.6M 68% /mnt/boot
nvme0n1p2 crypto_LUKS2 2 6f09<uuid>
cryptswap swap 1 swap 5d9a<uuid> [SWAP]
nvme0n1p3 crypto_LUKS2 2 8dc1<uuid>
cryptroot ext4 1.0 root f6ee<uuid> 805.8G 0% /mnt/mnt/etc/fstab
UUID=f6ee<uuid> / ext4 rw,relatime 0 1
UUID=429b<uuid> /boot vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortnamemixed,utf8,errors=remount-ro 0 2
UUID=5d9a<uuid> none swap defaults 0 0/mnt/etc/crypttab
<empty>/mnt/boot/loader/loader.conf
default arch.conf
timeout 6
console-mode max
editor no/mnt/boot/loader/entries/arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
initrd /amd-ucode.img
options root=/dev/mapper/cryptroot rw rd.luks.name=8dc1<uuid>:cryptroot/mnt/etc/mkinitcpio.conf
MODULES=()
BINARIES=()
FILES=()
HOOKS=(base udev systemd autodetect microcode modconf kms keyboard sd-vconsole block sd-encrypt filesystems fsck)booting up
...
[ 4.489] usb 1-5.3: device descriptor read/64, error -32
[ 5.065] usb 1-5.3: device not accepting address 8, error -71
[* ] A start job is running for /dev/mapper/cryptroot (2s / 1min 30s)
[ 5.065] usb 1-5.3: device not accepting address 10, error -71
[ **] A start job is running for /dev/mapper/cryptroot (14s / 1min 30s)
[ ***] A start job is running for /dev/mapper/cryptroot (29s / 1min 30s)
[ *] A start job is running for /dev/mapper/cryptroot (45s / 1min 30s)
[ *** ] A start job is running for /dev/mapper/cryptroot (1min 1s / 1min 30s)
[ *] A start job is running for /dev/mapper/cryptroot (1min 13s / 1min 30s)
[** ] A start job is running for /dev/mapper/cryptroot (1min 24s / 1min 30s)
[ 87.33] usb 1-5.3: device not accepting address 5, error -62
[ TIME ] Timed out waiting for device /dev/mapper/cryptroot.
[DEPEND] Dependency failed for File Sysem Check on /dev/mapper/cryptroot.
[DEPEND] Dependency failed for /sysroot.
[DEPEND] Dependency failed for Initrd Root File System.
[DEPEND] Dependency failed for Mountpoints Configured in the Real Root.
[DEPEND] Dependency failed for Initrd Root Device.
...and thanks for the replies and offer to help.
Offline
#6 2026-02-22 11:41:59
- Lone_Wolf
- Administrator
- From: Netherlands, Europe
- Registered: 2005-10-04
- Posts: 14,893
Re: [Solved] Installing arch with luks, timesout not prompting for pw
and i get a warning about firmware missing for module qat_6xxx
Qat stands for Intel Quick Assist Technology which is only present on special cards / some Xeon processor models.
Unless you have such a processor / card in your system it's 100% safe to ignore the warning.
Please boot the installation iso and run
# lspci -knn > lspci.txt
# lsusb -tv > lsusb.txtIn case you have internet access while booted from the install iso, continue with
# curl -F 'file=@-' 0x0.st < lspci.txt
# curl -F 'file=@-' 0x0.st < lsusb.txtIf you don't have internet access, you'll have to put those files on an usb stick and upload them from another system.
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
clean chroot building not flexible enough ?
Try clean chroot manager by graysky
Offline
#7 2026-02-22 14:27:15
- Scimmia
- Fellow
- Registered: 2012-09-01
- Posts: 13,694
Re: [Solved] Installing arch with luks, timesout not prompting for pw
i have to type on my laptop what i see on the target pc
Really, don't do that. See https://wiki.archlinux.org/title/List_o … n_services as a more general version of what Lone_Wolf pointed out.
You've now spent a lot of time and effort on something that we can't trust. A single, simple typo that you fix when transcribing can bring everything down.
Offline
#8 2026-02-22 17:40:55
- arch-router
- Member
- Registered: 2026-02-17
- Posts: 6
Re: [Solved] Installing arch with luks, timesout not prompting for pw
and i get a warning about firmware missing for module qat_6xxx
Qat stands for Intel Quick Assist Technology which is only present on special cards / some Xeon processor models.
Unless you have such a processor / card in your system it's 100% safe to ignore the warning.Please boot the installation iso and run
# lspci -knn > lspci.txt # lsusb -tv > lsusb.txtIn case you have internet access while booted from the install iso, continue with
# curl -F 'file=@-' 0x0.st < lspci.txt # curl -F 'file=@-' 0x0.st < lsusb.txtIf you don't have internet access, you'll have to put those files on an usb stick and upload them from another system.
thanks, i have uploaded the files.
http://0x0.st/PS3w.txt
http://0x0.st/PS3x.txt
Last edited by arch-router (2026-02-23 02:52:21)
Offline
#9 2026-02-22 17:56:03
- arch-router
- Member
- Registered: 2026-02-17
- Posts: 6
Re: [Solved] Installing arch with luks, timesout not prompting for pw
arch-router wrote:i have to type on my laptop what i see on the target pc
Really, don't do that. See https://wiki.archlinux.org/title/List_o … n_services as a more general version of what Lone_Wolf pointed out.
You've now spent a lot of time and effort on something that we can't trust. A single, simple typo that you fix when transcribing can bring everything down.
good idea. i will ssh from my laptop into the box whenever possible, so i can copy/paste, or use this service for larger text.
Last edited by arch-router (2026-02-23 02:52:35)
Offline
#10 2026-02-24 05:26:51
- arch-router
- Member
- Registered: 2026-02-17
- Posts: 6
Re: [Solved] Installing arch with luks, timesout not prompting for pw
that wiki page is a bit vague on what commands to use for systemd and busybox initramfs, i prefer this page:
https://wiki.archlinux.org/title/Dm-cry … t_loader_2you need to replace "cryptdevice=" with "rd.luks.name=":
/mnt/boot/loader/entries/arch.conf
title Arch Linux linux /vmlinuz-linux initrd /initramfs-linux.img options root=/dev/mapper/cryptroot rw rd.luks.name=ade5<uuid>:cryptroot
this solution looks like it should work, but the colon : before the dmname needs to change to equal sign =
rd.luks.name=<uuid>=cryptrootthis was enough to get the prompt to show.
very subtle and easy to miss. i feel a callout in the instructions should bring more visibility to this since people are conditioned to use a colon.
Offline
#11 2026-02-24 06:25:36
- jonno2002
- Member
- Registered: 2016-11-21
- Posts: 848
Re: [Solved] Installing arch with luks, timesout not prompting for pw
sorry about that, i had it 90% right, your right its very easy to miss
Offline