Ubuntu Installation :: Lockup On Mount Of Luks Crypt Fs At Boot?
Aug 10, 2010
It seems I've run into a bit of a problem. I recently upgraded to the latest kernel 2.6.32-24-generic (x86) but when I reboot into the new kernel and type in my password the system hangs, same when using a keyfile on the root file system.to give an outline of how the disks are setup.3 hard drives
sda1 / = unencrypted
sdb1 /home = encrypted w/ luks
sdc1 /backup = encrypted w/ luks
When i boot to the original kernel 2.6.32-21 I'm able to successfully get into the system.
View 1 Replies
ADVERTISEMENT
Dec 22, 2009
When I upgraded from FC11 to FC12 of the encrypted raid partitions started to request password on boot (in FC11 not having references to encrypted md1 in fstab and crypttab, was enough for FC11 not to ask for passwords on boot) despite the fact that I removed /etc/crypttab and there is nothing in /etc/fstab relating to encrypted md1 (raid array). I want my machine to boot w/o asking me passwords for encrypted devices, and I will open and mount them myself manually after boot.
View 11 Replies
View Related
Apr 4, 2011
I have a perfectly OK 2.5 inch disk drive from a dead laptop (graphics card failed).
The hard drive is fine. I know the passphrase.
I had installed Ubuntu 10.04 with full fisk encryption using dm-crypt/luks using the alternate install cd.
I'm not exactly sure of the configuration I selected. Just that its full disk encryption with a pre-boot passphrase prompt.
Now my issue is, I have put the drive into a usb drive docking station, and I simply want to mount the partition on my new laptop, so I can copy the files over.
I've tried googling for various things like "mount dm-crypt drive linux" and "how to mount a luks encrypted partition linux", but I get no results.
View 4 Replies
View Related
Feb 22, 2010
I'm trying to have a LUKS encrypted partition mounted at startup and to have GDM ask for my key so it will decrypt. Now I followed [URL] to the letter. Except for now, I have it just mounted into /mnt/cryptohome so I'm not messing with my system. My problem is the one everyone mentions in the comments, ubuntu isn't asking for the LUKS key in the X display, it's asking in the first terminal (Ctrl-Alt-F1). This will not do. I need it to ask to mount my drive before I'm even asked to login, so eventually I can encrypt my /home.
View 9 Replies
View Related
May 15, 2010
Since i'm on-the-road a lot encryption is crucial, with windows i've always used TrueCrypt and DiskCryptor, this is very easy to setup and allows me to create usb/cd devices that i can boot off and contain a keyfile, on boot it also requires a passphrase. Currently all i need to do is boot from harddisk and enter my passphrase. I would like to be able to boot from external device (in this case USB) that contains the bootloader and an integrated keyfile, also it should requist the passphrase. I found a guide on how to achieve two-factor authentication with dm-crypt on feisty but it's quite an old guide and is realy realy complicated for a newbie
View 1 Replies
View Related
Oct 4, 2010
I'm simply interested in a more basic discussion of why one would choose one of these methods over the other. What do they offer that the other does not? I'll start with what I know:
- dm-crypt/LUKS
--- included in a lot of install images already; in other words, perhaps easier to implement on a fresh install
- TrueCrypt
--- multiple encryption algorithms possible
[code]....
For me... I have no need for Windows compatibility, though I do use OS X on a dual booting MacBook. I believe TrueCrypt woks with OS X, so that could be a bonus, though I can simply encrypt my home folder on OS X with it's own FireVault and be fine.My setup (after wiping and starting over) will probably be like so:
- /boot on it's own primary partition
- / on it's own primary partition with logical partitions within
--- /usr, /var, /etc, /opt, and the like on a logical partition
--- /home on a logical partition
/home will surely be encrypted and I'm leaning toward encrypting the rest as well, though perhaps it's not necessary. I'm open to input there as well -- is there anything the leaks from normal application use into /var or /tmp that would make one lean toward just encrypting the whole thing?
I opened up TrueCrypt just to look at it and since I can't encrypt a whole partition without losing data... I pretty much have to encrypt from what? A live CD? This could be a drawback -- I think since TrueCrypt isn't coming on install disks, I'd have to go with an unencrypted (or dm-crypt/LUKS) root partition and then use TrueCrypt to make a container (or partition) for /home only. I can't think of another way to do this since I can't encrypt the whole disk as one entity with my dual booting situation...
View 9 Replies
View Related
Jul 17, 2011
I managed to setup an encrypted partition that's mounted on boot using dm-crypt/LUKS.
The relevant entry from my /etc/fstab:
/dev/mapper/st_crypt /media/st ext4 defaults 0 2
The partition is mounted at boot, and I can write to it as root just fine, but I have no idea how to make it writable by a normal user (i.e the users group).
View 1 Replies
View Related
May 27, 2010
I'm having a problem auto-mounting a new luks partition. I have crypttab and fstab entries. I already have my primary encrypted partition (root) mounting at boot (from the install), but after creating this one manually, it does not open on boot. It auto-mounts when I run the following command manually after boot: sudo luksOpen /dev/disk/by-uuid/<uuid> mycrypt
/etc/crypttab entry:
personalcrypt /dev/disk/by-uuid/a1af5b7b-db58-4690-b586-b74407795e2c none luks
/etc/fstab entry:
[code]...
View 1 Replies
View Related
Aug 1, 2011
I've installed Ubuntu 11.04 on a Fujitsu Esprimo E900. During installation, I've used the guided encryption setting because neither GRUB nor LILO would ever install on the LVM configurations I created myself. So after installing Ubuntu 11.04, when I boot regularly, the computer freezes completely. When I try to launch the recovery mode kernel, I get this far and then the computer locks up, too. Ubuntu lockup during boot by germanium, on Flickr
You can see the label is sdb5_crypt which is a bit odd since the partition is on /dev/sda. However, I already tried changing grub.cfg to /dev/sda instead of /dev/sdb but that didn't do anything. This is all a bit odd to be. The funny thing is I've been trying to set this computer up for a month and I'm a professional programmer (Java, JavaScript, Groovy) with 20 years of programming experience and I never thought Ubuntu would be this hard to install on a more-or-less stock Intel box.
View 2 Replies
View Related
May 1, 2010
I've just upgraded from 9.10 on a system that has an encrypted root partition encrypted using the following guide:
[URL]
On boot, prior to the LUKS password prompt, I see the error:
Code:
cannot open file /etc/console-setup/boottime.kmap.gz
The consequence is that the keyboard does not respond, the password cannot be entered, and the root partition cannot be unlocked.
This behavior occurs on all 2.6.32.x kernels but falling back to my previous kernel, 2.6.31.9-rt works just fine.
This is on a production system and is not running in a virtual machine, so the issue is not:
[URL]
I have tried running sudo dpkg-reconfigure console-setup, which does regenerate the initram-fs for the desire kernel, but it does not solve the problem.
The guide's initram hook includes the lines:
Code:
mkdir -p ${DESTDIR}/etc/console-setup
cp /etc/console-setup/boottime.kmap.gz ${DESTDIR}/etc/console
... but my understanding of the initram stages of the boot process are hazy and I am unclear what the intent is behind the lines.
View 8 Replies
View Related
Jun 11, 2009
I downloaded the Fedora 11 KDE livecd, installed it, and after the reboot when I get to that "firstboot" screen, I can't move the mouse, the keyboard doesn't work, I have to hold down the power button to turn off the computer.
View 11 Replies
View Related
May 26, 2011
I have a setup that looks like this
[Code]....
and I'm dumped into recovery mode. However, if I remove these mounts from /etc/fstab via comments, I can wait for the system to boot (which it does very quickly) then mount the mapper devices myself. So what is going on? Has something changed wrt logical volumes, or is this just systemd? I can live with manual mounting, but any advice on resolving the automatic mounting situation would be great.
[Code]....
View 2 Replies
View Related
Jan 7, 2011
I just bought a new laptop which will be running SSD (Corsair 120GB) as the boot drive and would like to migrate my OS to the new system. One of my requirements is full-disk encryption. I work with proprietary client data and need to encrypt the new drive, its swap partition, everything except for /boot. I've read instructions for doing this from the alternate install CD, but my OS is disturbingly customized (started out as 10.04) and it would take months to rebuild everything. I keep remastersys (-dist) ISOs to ensure I don't have to go through that process, but the ubiquity installer does not appear to have the option of doing disk-level crypt during the installation process. I can boot the ISO into CLI, but don't know how to run the alternate installer from there.
View 1 Replies
View Related
Jun 24, 2011
I just created a LUKS filesystem following these instructions. Everything seemed okay at first. It mounted with no problem and I moved some files there. I then unmounted it and remounted it to see if I would need to use a special command. It mounted right away and even allowed access to normal users. So, I rebooted to see if anything would change. Before I go on I should say that my partitioning scheme is weird. Not knowing any better I 'upgraded' to 11.04 when my update manager told me a new version was out. This didn't go well and I had to do a fresh install to put 10.10 back on my machine. After this the way it partitions the drive has been weird. What I had was /dev/sda1 which has my installation on it including /home. But, where it gets weird is /dev/sda2 would not manually mount. Looking at the disk in gparted it showed /dev/sda2 THEN under that, as if they were sub partitions or something, I had sda6 and sda7. I had been using 6 and 7 for various things and they mounted fine, so I decided to encrypt 7. After reboot I only have sda1. Everything else shows up as unallocated and ever way I try to mount I get device does not exist.
I only did the procedure for sda7 but 6 has been affected as well. There is no longer a sda2 the way there was before. This always bothered me anyway since I wanted sda2 for my /home but it wanted to call it sda6 and put it under sda2 like I said, I could never fix that, now this.
View 3 Replies
View Related
Feb 1, 2016
I have two basically identical harddrives that are encrypted with LUKS containing a complete debian installation:
Code: Select allroot@x200s:/home/b# lsblk --fs
NAME FSTYPE LABEL UUID MOUNTPOINT
sda
├─sda1 ext2 0b851969-281e-4db2-8a5b-3798e801711b /boot
├─sda2
└─sda5 crypto_LUKS cfcf63ef-448a-4f72-9f58-8f7731cf3dfc
└─sda5_crypt LVM2_member 21CS3f-SQeQ-XcMr-kyDs-OPtR-egmT-HkvJAu
[Code] ....
sda is what I currently run to write this text, sdb is my former harddrive, connected via USB.
I want to access the root partition on sdb.
The problem is:
Code: Select allcryptsetup luksOpen /dev/sdb5 oldhd
Enter passphrase for /dev/sdb5:
root@x200s:/home/b# ls /dev/mapper/
control oldhd sda5_crypt x200s--vg-root x200s--vg-swap_1
root@x200s:/home/b# mount /dev/mapper/oldhd /mnt/
[b]mount: unknown filesystem type 'LVM2_member'[/b]
[Code] ..
Before all this, both sda and sdb where in the same volume group. I renamed the volume group of sdb to "oldDisk"
using
Code: Select allvgrename <UUID> oldDisk
How I can access the data on the root filesystem of my sdb..
View 2 Replies
View Related
Jul 30, 2011
I cannot boot into Ubuntu at all. I have two kernels installed, 2.6.35-28 and 2.6.35-30. The first thing that happened today was that I wasn't able to boot into the latter. I was shown the (in)famous "BUG: soft lockup - CPU#0 stuck for 61s". At this point I could still boot into the 2.6.35-28 kernel. But after shutting down and starting again an hour later, I got the same message when trying to boot into 2.6.35-28. I have tried leaving out the boot options "splash" and "quiet" on both kernels and also adding in "noapic". No combination helps. Needless to say, booting into recovery mode doesn't work either. Up until today, I have been able to boot into both kernels with no problems.
View 1 Replies
View Related
Oct 22, 2009
I have a new Fedora 11 install with all updates working on my: Dell XPS M1330 laptop with nVidia GeForce 8400M GS
I wanted to install compiz fusion on Gnome so I followed these step by step instructions from:
Fedora refused to boot, locking up during the process.
Here is what happens...
After updates I had 3 options at boot up:
A) If I choose the TOP one (newest) it will boot up to a black screen and nothing else, I get a white block which moves with mouse. I cant get a shell and any key I hit just echoes back...ctr-alt-del will result in normal shutdown process displaying.
If I watch the services start (F1) I see all -OK- except: nvidia.ko: Driver already enabled
The boot continues with all OK until it gets to:
STARTING atd:
at which time the screen flashes for about 7 seconds and locks up.
B) If I choose MIDDLE boot option and watch the boot process I see most services start OK except:
-[OK]
Checking for module nvidia.ko [FAILED]
nvidia.ko for kernel 2.6.30.8-64.fc11.i686.PAE was not found [WARNING]
The nvidia driver will not be enabled until found [WARNING]
Driver already disabled
-[OK]
Then the services continue on with [OK] until a few seconds later the screen halts with a mess of colors and symbols on screen and system stops booting. Any key pressed simply echoes back with no other result. Again ctrl-alt-del refreshes screen and shutdown of services proceeds normally.
View 3 Replies
View Related
May 13, 2011
After upgrading to Natty Narwhal my Crypt Keeper app will not launch. I am now unable to access secure files. Has anyone had this issue after their upgrade to Natty Narwhal? If so, How were able to resolve this issue.
View 2 Replies
View Related
Feb 21, 2015
I'm trying to manually boot (from the GRUB console) into a system set up as follows: crypt partition -> LVM -> root LV, and I'm having some trouble figuring out how to do this from the GRUB console.
I have successfully manually booted a system which is set up as just LVM -> VG -> root LV. All I have to do is load the LVM module. In GRUB, that partition shows up as (hd0,gpt5). Once I load the GRUB LVM module, I can see the logical volume within the LVM as well. (My volume group name is "caesar", and the single logical volume is named "root".)
Code: Select allgrub> ls
... (hd0,gpt5) ...
grub> insmod lvm
grub> ls
... (lvm/caesar-root) ...
It's fairly simple to manually boot:
Code: Select allgrub> set root=(lvm/caesar-root)
grub> linux /vmlinuz root=/dev/mapper/caesar-root
grub> initrd /initrd.img
grub> boot
Where I am having difficulty is in trying to insert crypt before LVM. I can set up such a scheme, and put a minimal installation on it, without issues. It's booting into it upon reboot that I can't figure out. Once I load the GRUB crypto, cryptodisk and luks modules, I can mount the crypto partition:
Code: Select allgrub> ls
... (hd0,gpt5) ...
grub> insmod crypto
grub> insmod cryptodisk
grub> insmod luks
grub> cryptomount (hd0,gpt5)
Attempting to decrypt master key...
Enter passphrase for hd0,gpt5 (<long hex string here>): <type my password>
Slot 0 opened
grub> ls
... (crypto0) ...
At this point, GRUB sees the crypto partition as (crypto0). But the GRUB LVM module doesn't see "inside" of the crypto partition, so I don't see the root logical volume within the LVM listed; all I see is (crypto0).
Code: Select allgrub> insmod lvm
grub> ls
... (crypt0) ...
Setting it as root doesn't work:
Code: Select allgrub> set root=(crypto0)
grub> ls /
error: disk `crypto0' not found.
So, How do I get GRUB to "see" LVM inside the crypto partition?
View 0 Replies
View Related
Feb 14, 2010
I know how to mount it manually. I've seen a howto on how to mount it automatically by loging in with the user, you type your username and password and it mounts your encrypted partition. But that's not what I want. My idea is to call cryptsetup and mount on boot, AND ask me for passphrase like when its loading the system, then if I don't type the right password it shouldn't mount /home, even though i type the correct USER password later when the system is loaded(and then I'd have an empty /home since my home partition wasn't mounted due to wrong passphrase).
This is what I tried: I added the commands to rc.local and I don't even feel like it was executed, no passphrase was asked. As a test if commands there were being executed, I tried simple commands lile mkdir /test and it worked. So commands there are executed, yet, no passphrase was asked to me, I looked on dmesg for crypt and found nothing, I pressed alt+ctrl+F1 desiring to find a passprhase-ask and again, nothing.
View 2 Replies
View Related
Aug 6, 2010
Nearly every time that automatic updates finishes installing the software and requires a restart of the OS, the PC locks up at the 'Ubuntu' screen with some dots beneath it.
I have been just been forcing it down by powering off/on the PC - which I figure is probably not a safe thing to do but don't know what else to do or how to troubleshoot this problem.
I've looked at some of the log files but can't make any sense of most of them nor do I know which log file might show the problem.
View 6 Replies
View Related
Aug 18, 2015
i'm trying to Debian 8.1.0 on my notebook Acer Travelmate 2200. Currently i have very outdated version of Linux Mint. It works fine but I prefer keeping system updated. Only way to get updated system now is install new one, and here i have a problem. After CD/ISO booting, installation looking for a mountd devices, etc. then i got statement that CPU stuck for x sec. The same statement appears every 20sec. I was trying it on other linux distr's they give the same error. I didn't overclocked my notebook, his temp is ok. I'm working on it few hours each day, it didn't overheat. Someone told me thats bug of 2.6.x kernel but I'm trying install new system with 3.16.x.
View 4 Replies
View Related
Jan 25, 2016
I'dont get prompt for passphrase for decrypt luks during boot.Instead it says 'error: device name required, press any key to continue"
Grub.cfg: http://pastebin.com/GZsuXp1y
kernel: linux-image-4.3.0-1-amd64
video with issue: https://www.youtube.com/watch?v=13ruhtUcwRo&feature=youtu.be
VM disk has 2 partitions:
sda1 with /boot
sda2 - luks encrypted
View 1 Replies
View Related
Jul 6, 2015
I have install a debian jessie in my laptop, i create a lvm volume with /, /home, etc and a /boot partition outside. the i move this partition to the lvm volume and boot from it, everything it´s okay and it works.
The problem is that wen boot it ask me the passphrase to load grub, and then, when grub loads the kernel, it ask me again the passphrase.
I read that i can pass a key file to the initramfs to solve this, but where i see it, he uses mkinitcpio, and i can´´t find this package in the debian repos, it an arch package, also i tried this option [URL] ...
But it asking me the passphrase 3 times, and the third fails, the sistem starts, but i read the fail in the log.
View 1 Replies
View Related
Mar 9, 2011
Has anyone tried encrypting the boot partition to prevent the kernel from being modified. Iv tried following this but I'm running into issues when building. [URL] Im using the source from bzr checkout [URL] Last time I tried I screwed grub and it wouldnt boot.
View 9 Replies
View Related
Jun 13, 2009
[code]...
when trying to choose the Linux partition, I found that it would just hang at a blank screen. Looking further into the problem, I had booted with the Linux Rescue and checked the /boot/grub/grub.conf file. It appeared to be that the menu was set to hidden. I got rid of that line, and checked the boot arguments. It still had acpi=off set with the kernel and everything else seems to be in order. Root is set to root (hd0,2) which should be correct.
View 6 Replies
View Related
Sep 2, 2010
I installed on LUKS+LVM, and I want to preserve my /home without moving the data to any external media (I don't have any). My partition layout is as follows:
sda1: /boot
sda2: encrypted volume (sda2_crypt)
sda2_crypt: LVM volume group, with /, swap and /home.
Having many previous (sad) experiences with completely borked experiments and data loss, I've decided to try the trick in VirtualBox first. I've installed Debian (testing, netinst, Dec 2009) with encrypted LVM, and touch'd a file in my $HOME so that I'd know if the contents were preserved. Then proceeded to install Ubuntu 10.04.1 from the alternative CD. After the installer started and loaded some of the basic components (but before it entered the partitioner) I've switched to a shell and read a scroll of identification:
Code:
$ cryptsetup luksOpen /dev/sda2 sda2_crypt
[entered the passphrase]
$ lvm vgscan
$ lvm lvscan
* Another concern; after the installation, I've noticed that the contents of my $HOME were overwritten by Ubuntu's default skeleton (pictures, desktop, music, templates, and other crap). The control file I've touch'd after installing Debian wasn't there.
View 1 Replies
View Related
Jan 21, 2009
I need a FREE solution that can image an entire Luks system encrypted volume and the rest of the used HDD, the MBR and /boot partition. Note: MBR and /boot are not encrypted. Note 2: I want to be able to restore entire drive from image with only a couple of steps. Note 3: Destination HDD space is a factor. Image file must be compressed and the image file must be around 40 to 50 GB or less. The smaller the image the better.
I have used clonezilla live cd before but not for encrypted volumes. I know you can install it in Linux. But, I don't know how to configure it after installation. I would be very happy if someone could tell me how to configure clonezilla in Fedora. How to guides are also welcome. I have one more question. If I image the encrypted volumes and all the stuff I mentioned above while logged in to Fedora, and I restore the drive from the image, will the recovered drive still be encrypted?
View 8 Replies
View Related
Jul 5, 2011
Is there any way to specify the bit strength for LUKS when one is installing OpenSUSE 11.4? I've tried to find it (because imho 256 bit aes is a bit high for what little i do with my netbook) but I have not. I was going to try to control+alt+F4 to a shell and create the partition setup and create the LUKS container and see if that works but in the past, trying that doesn't work either because 1) the installer doesn't ask for the LUKS password or 2) it asks, setup finishes normally, but yet I then get what seems to be random boot errors like some times the /home doesn't mount, sometimes the swap doesn't enable, etc.
Anyone care to give some input? I've been around and around the installer and can't seem to find a way to do it.
View 3 Replies
View Related
May 31, 2010
After upgrading to Lucid 10.4, I find that after booting I can no-longer auto-mount any USB drive when they are plugged in. They simply doesn't appear on the desktop as they did. Swap my PATA drive back to the one with 9.10 still installed on it is well.However, if I have USB drives plugged in before boot, they appears on the desktop, but are not auto-mounted as previously. Also when I click on any drive icon for the first time there is no response. Try again (on any drive) an the devices will all auto-mount revealing their contents in the window that subsequently opens. Everything them seems fine. I can unmount and remount at my leisure with any number of devices.
I do not have the problem of root only access that others have mentioned. I have played with usbmount and pmount as others have suggested, to no avail. They have both been removed.I have the HAL installed as default, and have already ecked media_automount_open for Nautilus on the gconf-editor.Disabling the floppy in the BIOS has not effect and I do not use autologin option.With (say) two USB drives attached, whether the devices are recognised at boot or not after boot,lsusb reveals:
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
[code]...
View 9 Replies
View Related
