Auto open LUKS with keyfile stored in initrd


I’m using openSUSE 42.1 Leap with 2 partitions. ESP and encrypted LVM. Since /boot is encrypted I need to type password 2 times. Once to get to grub menu and kernel initrd, 2nd to actualy mount my filesystems.

First key slot for my luks partition contains my passphrase, 2nd keyfile. What I did:

# dd bs=512 count=4 if=/dev/urandom of=/crypto_keyfile.bin
# cryptsetup luksAddKey /dev/sda2 /crypto_keyfile.bin

I want to type my passphrase ones, and store keyfile in initrd to be automaticaly used at boot time. I’ve tried to create /etc/dracut.conf.d/03-keyfile.conf with:


After that I rebuild my initrd. Problem is it does not work.

What am I missing?

/etc/crypttab in initrd need to actually reference this flie. Did you check it?

That was exactly what I was missing. Thank you!