On Saturday, September 3, 2016 8:12:46 PM CDT Carlos E. R. wrote:

...

Any suggestions on debugging this problem?

Remove Plymouth, tell the kernel to log all messages to the screen. Perhaps.

--

Is there a way to simply disable Plymouth for the luks login?

On 2016-11-26 06:56, Chan Ju Ping wrote:

Although the suggestion was given, I do not know whether it is safe to simply remove plymouth from my packages. Some advice would be appreciated until the bug is fixed.

I routinely remove plymouth from all my systems, so yes, it is safe. It may be inconvenient, perhaps ugly to some people (no graphical boot). If you do not enter the password for some reason at boot, the system may prompt for it later. This is happening to you. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)

On 2016-11-26 19:12, Chan Ju Ping wrote:

On Saturday, November 26, 2016 2:58:05 PM CST Carlos E. R. wrote:

...

I routinely remove plymouth from all my systems, so yes, it is safe. It may be inconvenient, perhaps ugly to some people (no graphical boot).

If you do not enter the password for some reason at boot, the system may prompt for it later. This is happening to you.

Thanks for the confirmation. That worked out well!

I had to enter my luks passphrase twice to unlock the two hard-drives, while it only had to be entered correctly once for the Plymouth interface, though entering it incorrectly in Plymouth would also mean re-entering the passphrases twice.

There is a trick for that. In the first encrypted partition, create a random file, and add it as a key to the second one. Then configure /etc/cryptotab to use that file to open the second partition, instead of prompting for the password (that it is still valid). The sequence then would be that the system prompts for the password to the first partition, which is then opened. Then the system uses the key file to open the second partition, automatically. I have notes on the exact procedure somewhere, but the above might be enough of a hint to guide you. If not, I'll search for my notes. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)

On 2016-11-26 22:06, Chan Ju Ping wrote:

On Saturday, November 26, 2016 9:51:01 PM CST Carlos E. R. wrote:

...

I have notes on the exact procedure somewhere, but the above might be enough of a hint to guide you. If not, I'll search for my notes.

I will search around for a guide with your hints. Thanks for the quick response!

Here they are. Device names obviously you have to change for your own. I see I also use scripts of my own (crypto_*), but you should be able to do without them. Otherwise, I can post a copy of them. I'm a bit tired now, so I have not stopped to clarify points. I can explain another day. Full disk encryption chaining with dm-crypt, cryptsetup and luks [TB] Generate a random key, stored in a file in the first encrypted partition. dd iflag=fullblock if=/dev/random of=the_hoard_keyfile bs=512 count=8 cryptsetup luksAddKey /dev/sdd1 /home/cer/Keys/the_hoard_keyfile crypto_unmap cr_hoard2 cryptsetup luksOpen --key-file=/home/cer/Keys/the_hoard_keyfile /dev/sdd1 cr_hoard2 crypto_mount cr_hoard2 crypto_unmap cr_hoard2 systemctl daemon-reload AmonLanc:~ # systemctl start systemd-cryptsetup@cr_hoard2 /etc/crypttab: cr_hoard /dev/disk/by-uuid/f1f26736-b801-4c95-b1f0-f5de2ec77939 /home/cer/Keys/the_hoard_keyfile auto Activating: AmonLanc:~ # cryptsetup luksOpen --key-file=/home/cer/Keys/the_hoard_keyfile /dev/sdb1 cr_hoard AmonLanc:~ # AmonLanc:~ # crypto_unmap cr_hoard Preparando. Cf. Device cr_hoard is not active. AmonLanc:~ # crypto_map cr_hoard Preparando. Cf. Enter passphrase for /dev/disk/by-uuid/f1f26736-b801-4c95-b1f0-f5de2ec77939: Error reading passphrase from terminal. AmonLanc:~ # systemctl start systemd-cryptsetup@cr_hoard AmonLanc:~ # Systemd recognizes this after insisting with systemctl daemon-reload, but not inmediately). -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)