Comment # 32 on bug 909912 from Thomas Blume

(In reply to Olaf Hering from comment #31)
> (In reply to Thomas Blume from comment #29)
> 
> > http://systemd-devel.freedesktop.narkive.com/89Dn3OnK/patch-cryptsetup-
> > generator-add-jobtimeoutsec-0-for-all-known-crypt-devices
> 
> That patch may be in TW.
> 
> But does it really make crypted lvm (or crypt in general) userfriendly?
> 
> What I expect is:
> - waiting for passphrase takes a given amount of time (4th field in crypttab)
> - failing to enter the passphrase drops into shell.

Tested with recent tumbleweed (20150802).
The above expectations are met with the following changes.
In /etc/crypttab:

-->-
#cr_whatever     /dev/crypt/vol1      none       none
cr_whatever     /dev/crypt/vol1      none       timeout=40
--<--

In /etc/fstab:

-->--
#/dev/mapper/cr_whatever /whatever            ext4       acl,user_xattr,nofail
0 2
/dev/mapper/cr_whatever /whatever            ext4       acl,user_xattr 0 2
--<--

When the system goes to emergency shell, you can press Control-d in order to
get again the password prompt for decrypting the device.
When you then enter the correct password, the system will boot up completely.

>   'nofail' in fstab may be the way to tell that a given mnt is not essential

This is the default after installation and lets the system boot up instead of
dropping into the emergency shell.
The 'nofail' behaviour will only be visible when you configure a timeout in
/etc/crypttab.
The default in crypttab (e.g. 'none' in the 4th filed) just lets the system
wait for ever for a passphrase.

So, your expectations are configurable.
Setting them as defaults would be easy, but maybe other users would then
complain that the system doesn't wait.

However, can you confirm that this works for you?