Re: [opensuse] Booting with an encrypted home
On 2018-08-07 15:33, ken wrote:
On 08/07/2018 04:52 AM, Carlos E. R. wrote:
Hi, Carlos,
Two options: One is using the "timeout" option, briefly explained in "man crypttab".
Ah, I did not notice that one, thanks.

timeout=
    Specifies the timeout for querying for a password. If no unit is specified, seconds is used. Supported units are s, ms, us, min, h, d. A timeout of 0 waits indefinitely (which is the default).

x-systemd.device-timeout=
    Specifies how long systemd should wait for a device to show up before giving up on the entry. The argument is a time in seconds or explicitly specified units of "s", "min", "h", "ms".

I tried "timeout=0", but the system waits for 90 seconds only - it says so in the password prompt. So there must be somewhere else. This seems to be an undocumented change in Leap 15.0.

Worse, the keyboard is ignored and I can not enter the password during that time. After 90 seconds it prompts for my root password and ignores it. With Ctrl-D it finally locks, only accepting ctrl-alt-supr.

Rescue system, I see a typo in the UUID declaration. Corrected. It still ignores the keyboard, and times out at 90 seconds. But this time I'm finally allowed to enter the root password.

All these lines make the system unbootable:

cr_sda8 UUID=1edf494d-d697-40b2-ba00-c7da0a1d5fbe - timeout=0
cr_sda8 /dev/disk/by-uuid/1edf494d-d697-40b2-ba00-c7da0a1d5fbe - timeout=0
cr_sda8 /dev/sda8 - timeout=0
cr_sda8 /dev/sda8 none timeout=0

Only these work, with a time out of 90 seconds, unchangeable:

cr_sda8 /dev/sda8
cr_sda8 UUID=1edf494d-d697-40b2-ba00-c7da0a1d5fbe
cr_sda8 UUID=1edf494d-d697-40b2-ba00-c7da0a1d5fbe none none

This other line:

cr_sda8 UUID=1edf494d-d697-40b2-ba00-c7da0a1d5fbe none timeout=300

is accepted, but the prompt text changes (doesn't print the timeout) and the timeout doesn't change. This seems a bug. Two, actually.

Another option would be to specify a file containing the password, that file residing on a thumbdrive which, of course would need to be set to mount prior to the encrypted partition. That file would be specified in a third field to the encrypted device's entry in /etc/crypttab. This second option would, in effect, allow mounting without you needing to enter a password, but remain secure as long as you maintain secure control of the thumbdrive.

No, I just want to control the timeout.

--
Cheers / Saludos,

Carlos E. R.
(from 42.3 x86_64 "Malachite" at Telcontar)
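
An added example, not part of the original message or of any openSUSE or systemd code: a small parser for the four-field /etc/crypttab format discussed in this thread, which reports whether an entry uses a key file and converts timeout= to seconds using the units quoted from "man crypttab". The cr_data entry and its key-file path are constructed, and treating "none" or "-" in the options field as an empty placeholder is an assumption.

```python
import re

# Units listed in the crypttab(5) excerpt quoted in the message, in seconds.
UNITS = {"us": 1e-6, "ms": 1e-3, "s": 1, "min": 60, "h": 3600, "d": 86400}

def parse_timeout(value):
    """Return the password-prompt timeout in seconds; 0 means wait indefinitely."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(us|ms|s|min|h|d)?", value.strip())
    if not m:
        raise ValueError(f"unparseable timeout: {value!r}")
    return float(m.group(1)) * UNITS[m.group(2) or "s"]  # no unit given: seconds

def parse_crypttab(text):
    """Parse crypttab text into one dict per entry (name, device, keyfile, options)."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 2 or len(fields) > 4:
            raise ValueError(f"line {lineno}: expected 2 to 4 fields, got {len(fields)}")
        fields += ["none"] * (4 - len(fields))  # missing fields default to none
        name, device, keyfile, optstr = fields
        options = {}
        for opt in optstr.split(","):
            if opt not in ("none", "-", ""):  # assumption: placeholders carry no option
                key, _, val = opt.partition("=")
                options[key] = val
        entries.append({
            "name": name,
            "device": device,
            # "none" or "-" in the third field: no key file, a passphrase is prompted for
            "keyfile": None if keyfile in ("none", "-") else keyfile,
            "timeout_s": parse_timeout(options["timeout"]) if "timeout" in options else None,
            "options": options,
        })
    return entries

# Sample entries: two lines from the message plus one constructed key-file entry.
SAMPLE = """\
cr_sda8 UUID=1edf494d-d697-40b2-ba00-c7da0a1d5fbe none timeout=300
cr_sda8 /dev/sda8 - timeout=0
cr_data /dev/sdb1 /run/media/usb/cr_data.key timeout=5min
"""

if __name__ == "__main__":
    for e in parse_crypttab(SAMPLE):
        print(e["name"], e["device"], e["keyfile"], e["timeout_s"])
```

The parser only reports what an entry requests; it does not show what timeout the boot-time prompt actually applies.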