Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: cant decrypt main drive on Boot.

  1. #1

    Default cant decrypt main drive on Boot.

    Hello,

    I have removed 3 harddrives from my system, now the system is stuck and cant decrypt.
    I used this fix avoiding to type the pw twice, without any clue what I was doing. It worked, now I guess the name of the drive has changed, causing it to crash. Because it works with all other drives attached.

    I want to type the pw, twice again. How to do that?

    with my next system I will disable encryption for sure..

  2. #2
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,345
    Blog Entries
    3

    Default Re: cant decrypt main drive on Boot.

    Yes, it might be that drive names have changed. Unfortunately, the installer seems to sometimes use drive names in "/etc/crypttab".

    Let's look into rescuing your system.

    Step 1: Boot from rescue media. If you still have the installer (either DVD or NET installer), you should be able to boot that to the rescue system..

    From the rescue system, you will need to work out which partition is which. A command such as:
    Code:
    fdisk -l /dev/sda
    might give you sufficient hints. Or, if that does not give enough information, try:
    Code:
    parted -l
    You can then decrypt the partition with something like:
    Code:
    cryptsetup luksOpen /dev/sdXY cr_sdXY
    Change that "/dev/sdXY" to the actual device. The "cr_sdXY" is just a symbolic name, so you can leave it like that for the moment.

    If you get that far, then mount the partition. This will be something like
    Code:
    mount /dev/mapper/cf_sdXY  /mnt
    or, if you used an encrypted LVM, it might be
    Code:
    mount /dev/mapper/system-root /mnt
    You can use "ls /dev/mapper" for hints on what to mount.

    Once you have something mounted, it would be useful to post the content of
    /mnt/etc/crypttab
    /mnt/etc/fstab

    The basic outline of further steps is:
    Fix any naming problems (may require editing "fstab" and/or "crypttab")
    Rebuild the "initrd".

    That's just an outline, because I'll need to see the content of "crypttab" and "fstab" to give more specific details.

    By the way, crypto is working fine here. Admittedly, I did not remove drives. But the big difference is that after install, I edited "/etc/crypttab" and changed it to use UUID rather than device name to reference the encrypted device. That's more robust.
    openSUSE Leap 15.1; KDE Plasma 5;

  3. #3

    Default Re: cant decrypt main drive on Boot.

    Im sorry, I didnt clarify. Im in the System, I just reattached the 3 drives for now..

    From the system, I would like to disable the encryption entirely, however from the lack of guides I figured this isnt possible. So going back to the "two passwords solution" seems like a path of least resistance.

    I dont know for me, features like encryption, should be backed into the System and work. Im not really happy with this broken fix beeing advertised as a solution.
    But anyways it doesnt matter now, how to fix it?

    edit: I should add that in the near future, I will have to do a new system setup anyways, so two pw isnt to big of an inconvience until then. 👍

  4. #4
    Join Date
    Nov 2009
    Location
    West Virginia Sector 13
    Posts
    15,645

    Default Re: cant decrypt main drive on Boot.

    So you don't want it mounted at boot right???

    just remove it from /etc/fstab Edit this file or you can use yast-partitioner

  5. #5
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,345
    Blog Entries
    3

    Default Re: cant decrypt main drive on Boot.

    To disable crypto entirely would require reinstall, or at least would require backup and restore.

    Can you post the content of "/etc/crypttab"? Use CODE tags for that.
    openSUSE Leap 15.1; KDE Plasma 5;

  6. #6

    Default Re: cant decrypt main drive on Boot.

    Quote Originally Posted by gogalthorp View Post
    So you don't want it mounted at boot right???

    just remove it from /etc/fstab Edit this file or you can use yast-partitioner
    Yes, thats what I want to do. I will try my luck soon, thank you.

    Code:
    cr_sdc3  UUID=1bcb1fce-9e21-4b14-a9b8-fc01b57d76f5 /.root.key
    thats all.

  7. #7
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,345
    Blog Entries
    3

    Default Re: cant decrypt main drive on Boot.

    I had been assuming that the encrypted partition is your root file system.

    If not, then yes you can just remove the entry from "/etc/fstab". But you also need to remove the entry from "/etc/crypttab" or at least put "noauto" in the 4th column (the options). Otherwise there's going to be an attempt to find that partition and decrypt it during boot.

    And maybe also run
    Code:
    mkinitrd
    afterwards, because some of the information about crypto might be in the "initrd".
    openSUSE Leap 15.1; KDE Plasma 5;

  8. #8

    Default Re: cant decrypt main drive on Boot.

    Quote Originally Posted by nrickert View Post
    I had been assuming that the encrypted partition is your root file system.

    If not, then yes you can just remove the entry from "/etc/fstab".
    Oh, no it is root.
    so In that case deleting the crypttab entry is enough?

  9. #9
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,345
    Blog Entries
    3

    Default Re: cant decrypt main drive on Boot.

    If root is encrypted, then you need that crypttab entry. Otherwise the system won't boot.

    What is particularly important, is that any changes that affect the root file system may require rebuilding the "initrd" (by running "mkinitrd").

    The crypttab entry that you listed does use UUID, so should not be affected by changes to disk configuration. But it might still need remaking the "initrd".
    openSUSE Leap 15.1; KDE Plasma 5;

  10. #10

    Default Re: cant decrypt main drive on Boot.

    Quote Originally Posted by nrickert View Post
    If root is encrypted, then you need that crypttab entry. Otherwise the system won't boot.

    What is particularly important, is that any changes that affect the root file system may require rebuilding the "initrd" (by running "mkinitrd").

    The crypttab entry that you listed does use UUID, so should not be affected by changes to disk configuration. But it might still need remaking the "initrd".
    So I figured. While running the desktop I unplugged all other Drives, and ran mkinitrd.

    edit: that didnt work. However I just saw in while booting that /root and also /home were mounted successfully. So the Issue is with the other drives, and nothing with todo about encryption..

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •