Alex <geosmin104 <at> gmail.com> writes: > > > I was advised on IRC to post this issue here after trying IRC, forums, searches, man pages, wikis, etc. > > During init, systemd asks for the passphrase of non-root LUKS drives when they are added to crypttab even though a keyfile is specified. The keyfile is the same one I'm using to open (old) truecrypt drives (also with crypttab) - those open fine and don't ask for the passphrase. > > /etc/crypttab looks like this: > > tcrypt_drive1 /dev/sdXY /path/to/keyfile tcrypt > tcrypt_drive2 /dev/sdYX /path/to/keyfile tcrypt > luks_drive1 UUID=$UUID /path/to/keyfile > luks_drive2 UUID=$UUID /path/to/keyfile > > What I've tried so far, in no particular order: > > - Checking that crypttab's formatting is correct > - Checking that keyfile has proper permissions > - Adding and/or removing the 'luks' flag to the luks drives in crypttab > - Specifying an entry in /etc/fstab for where the luks drives should be mounted > - Specifying an (identical) keyfile not being used by the tcrypt drives > - Removing the tcrypt drives from crypttab and leaving only the luks drives > - Using /dev/sdXY instead of UUID > - Reversing the order of the tcrypt and luks drives in crypttab > - Rebuilding initramfs > - Checking that crypttab was not present in initramfs > > Note: LUKS drives open fine if passphrase is manually typed in when systemd prompts for it, as well as post-init when using cryptsetup and specifying the keyfile.
What cryptsetup command do you use to open the device? My best guess is the different handling of the keyfile itself. Afaik, systemd-cryptsetup will use the full keyfile to open. That includes any trailing new line. Depending on how you use cryptsetup, it will handle they keyfile differently (see "Notes on Password Processing" in cryptsetup(8)). You should try removing any trailing new lines from the keyfile. Jan _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
