Can't shake the second password prompt on boot

Hi there, new openSUSE user here

I have an extra HD drive to decrypt on boot (it wasn’t set up during installation). I followed the steps on SDB:Encrypted root file system - openSUSE Wiki to add a key file: “This works exactly as described above in steps 1-4”. Created the key, added it to the correct partition, etc.

But since it’s not the root partition, I read:

“except that you don’t need to add the key for those partitions to the initrd”

And so I didn’t. I still did “sudo dracut -f” though.

Problem is, I still get asked for the password twice. How can I troubleshoot this? Should I add it to initrd?

Thanks in advance!

And how many times were you asked before you added this drive?

Hi, thanks for replying!

Post install: I was asked once, but it didn’t do anything with the drive automatically.

After I added it to fstab via Yast partitioner (having provided the app with the decryption password): twice

After I did the procedures I described in the original post: still twice

Show /etc/crypttab.

cr_ata-WDC_WDS120G2G0A-00JH30_20153T472105-part2  UUID=95dedad7-bb0d-400d-91d3-d8e3d18f042f  none  x-initrd.attach

luks-0e4ffbcd-d09d-4014-b184-83361e592717  UUID=0e4ffbcd-d09d-4014-b184-83361e592717  none  noauto

cr-auto-2  UUID=ccd83304-25d8-410b-b97e-448fee0a11ad /.ar.key x-initrd.attach

The first line is the root filesystem as set by the installer. The second is another encrypted partition, but one I don’t want mounted at boot. The third is the relevant one for the issue I’m having.

So, you first told the system to unlock your partition in initrd and then you did not include the key to do it automatically in initrd. Why are you surprised that initrd prompts you for the password?

1 Like

Why are you surprised that initrd prompts you for the password?

Because the step telling me it’s unnecessary to add the key to initrd is still under the general section “Avoiding to type the passphrase twice”. And as it told me it wasn’t necessary, it didn’t tell me what would happen in case I didn’t :slight_smile: I’ll try adding something to openSUSE’s SDB if the wiki’s editors will accept it.

It’s my first time messing directly with crypttab so sorry for the noob mistake, and thank you for your time and patience! Have a happy new year!

Wiki is not a divine revelation. Anything in it (and anything you found on Internet in general) should not be used blindly. It should be considered just an example valid for the specific environment where it was written and that you need to review and adjust as needed. Things change and instructions become outdated.

In this case dracut historically ignored x-initrd.attach option and only included in initrd the devices needed for the root filesystem. So the article was correct at the time it was written.

Excellent. That is how these things are kept up to date :slight_smile:

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.