On Thursday, 31 December 2015, 00:15:33, Jeremi Piotrowski wrote:
> This will lead to you having to enter the password
> twice - once when grub starts and once when the initramfs is setting up /.

If, and ONLY if, your /boot is inside your LUKS-encrypted volume, you can also 
add a keyfile for your LUKS volume (I used another keyslot for that, but you 
can also use the password you use for manual unlocking) to your crypttab 
and your dracut initrd:

% cat /etc/crypttab
mySSD.crypt  UUID=2850e418-f325-47b6-b42b-82a60055a0c6  /root/mySSD.lukskey  discard,luks

crypttab format: (Name  Path/Spec  /path/to/key  options) (see man 5 crypttab)

% cat /etc/dracut.conf.d/luks.conf 
install_items+="/etc/crypttab /root/mySSD.lukskey"

Check if the permissions for your initrd are safe, aka only readable by root; 
dracut automatically sets them to 600 and root:root here, but better safe than 
sorry.

With that setup you do not need to enter the password twice, because your 
initrd is able to open the LUKS device with the keyfile.
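
Added example, not part of the original message: a shell check of the permissions discussed above, run over every key file named in crypttab and over the initrd image that embeds it. The function names, the optional uid parameter and the reliance on GNU stat are assumptions of this example; the initrd path is distribution-dependent and must be supplied by the caller.

```shell
#!/bin/sh
# Added example: audit files that hold or embed the LUKS key.
# Assumes GNU stat (coreutils). Function names are hypothetical.

# Print the key file path (field 3) of every crypttab entry that uses one.
crypttab_keyfiles() {
    awk '$1 ~ /^#/ || NF < 3 { next }
         $3 != "none" && $3 != "-" { print $3 }' "$1"
}

# Succeed only if file $1 is owned by uid $2 (default 0 = root) and has
# no permission bits for group or others (600, 400, ...).
check_private() {
    p_file=$1 p_want=${2:-0}
    [ -f "$p_file" ] || { echo "MISSING   $p_file"; return 2; }
    set -- $(stat -c '%a %u' "$p_file")
    p_mode=$1 p_owner=$2
    if [ "$p_owner" != "$p_want" ]; then
        echo "BAD OWNER uid=$p_owner $p_file"; return 1
    fi
    case $p_mode in
        *00|0) echo "OK        $p_mode $p_file" ;;
        *)     echo "BAD MODE  $p_mode $p_file"; return 1 ;;
    esac
}

# Audit every key file in crypttab $1 plus the initrd image $2.
# $3 is the expected owner uid (default 0). Non-zero if anything fails.
audit_luks_key_exposure() {
    a_tab=$1 a_img=$2 a_uid=${3:-0} a_rc=0
    for a_f in $(crypttab_keyfiles "$a_tab") "$a_img"; do
        check_private "$a_f" "$a_uid" || a_rc=1
    done
    return $a_rc
}

# Usage (as root), with the path to your own initrd image:
#   audit_luks_key_exposure /etc/crypttab /path/to/initrd.img
```

The image matters as much as the key file itself: anyone who can read the initrd can extract the key that dracut copied into it.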
