Hi all, I stumbled on this, too but I have a work-around for at least 'decrypt_keyctl'.
systemd uses systemd-cryptsetup -> systemd-ask-password -> linux keyring. The keyring can be modified by keyctl just as 'decrypt_keyctl' does. As I wanted to use 'decrypt_keyctl' for unlocking root and data with the same password, I applied this patch: --- /lib/cryptsetup/scripts/decrypt_keyctl.distrib 2017-05-09 13:50:59.000000000 +0200 +++ /lib/cryptsetup/scripts/decrypt_keyctl 2018-08-04 21:34:01.130979945 +0200 @@ -24 +24 @@ die() -ID_="cryptkey-$1" +ID_="cryptsetup" My entries in crypttab are these: crypt_sys /dev/zpool_sys/zvol_sys none luks,discard,keyscript=decrypt_keyctl crypt_data /dev/zpool_data/zvol_data none luks,discard,keyscript=decrypt_keyctl Now cryptsetup-initramfs unlocks my root device and decrypt_keyctl caches the password to linux keyring with desc=cryptsetup. Systemd then reads the key from keyring with desc=cryptsetup and unlocks my data device! :-) That keyring caching could be easily added to all other keyscripts to make systemd unlock work ;-) Best regards Michael