Mailinglist Archive: opensuse (2430 mails)

< Previous Next >
Re: [opensuse] SOLVED: encrypted - boot: Failed to open
  • From: Daniel Bauer <linux@xxxxxxxxxxxxxxxx>
  • Date: Mon, 28 Apr 2008 09:51:33 +0200
  • Message-id: <200804280951.33842.linux@xxxxxxxxxxxxxxxx>
After tinkering for hours I was finally successful. I now have the laptop with
encrpyted root directory, encrypted swap, some more enrypted partitions that
are mounted during boot and all this with entering just one single password.

I am not sure why it works now :-)
But for those who followed this thread and maybe would like to know, here's
the long story:

Maybe the reason for failing was just one word: in /etc/crypttab I had
cr_sdb2 /dev/disk/by-id/id_of_the_disk /etc/crypt-test.key luks
and now the word "luks" is replaced by "none" (without quotes).

But my way was much longer, so I don't know if it really just was this single
word or if something else on that way caused the change. That's why I descrie
the whole way:

on a empty new laptop I installed sopensuse 10.3 following the page
http://en.opensuse.org/Encrypted_Root_File_System_with_SUSE_HOWTO
untill "Create an encrypted swap partition"

There I changed to the page
http://en.opensuse.org/Talk:Encrypted_Root_File_System_with_SUSE_HOWTO#Create_an_encrypted_swap_partition
and followed the text between "Alternate: Automatically mounting an encrypted
swap partition under openSUSE 10.3" and " Another option for mounting..."

rebooted to check if it worked.

Went back to http://en.opensuse.org/Encrypted_Root_File_System_with_SUSE_HOWTO
and followed "Create an encrypted file system on one of the remaining
partitions" untill "Erase the original root partition...".

The cpio command shown under "Copy the root file system" I altered (did not
copy boot and subdomain [which doesn't exist here], but created an empty boot
dir.)

The entry for /boot/grub/menu.lst I took from the other page (Talk:...).

After backing-up the original intird-2..... and creating a new one I started
Yast and told it to save the boot loader (which I have in the mbr). I don't
know, if that was necessary.

rebooted. During boot it stops "somewhere" and I have to enter the password.
It first was confusing to me, that there was no question like "Enter pwd".
Later I saw, that this question indeed is displayed but after the question
some more messages are displayed, as if boot would go on another while while
waiting for the password.

[loop]
Then created a new encrypted partition using Yast. Applied the changes, closed
Yast, saved the passphrase in a text-file in /etc.

rebooted, just to see if the new encrypted partition works and gets mounted -
and because I suspected that during the boot maybe "something" would
be "arranged" to make it work. Don't know if this step was necessary.

Had to enter the Password for root-partition and then for the new partition.
Here I found out that the keyboard layout between the first and the second
password changed. So for the root partition I had to use US keyboard layout,
for the second Swiss layout.

Then opened /etc/crypttab and changed the line that Yast inserted from
cr_sdb2 /dev/disk/by-id/id_of_the_disk none none
to
cr_sdb2 /dev/disk/by-id/id_of_the_disk /etc/mypasswordfile.key none

Again rebooted. The new partition was mounted correctly without the need to
enter it's password.
[/loop]

Repeated all these steps in [loop] for every new encrypted partition. So I
rebooted many times and hand a real "Windows-Flashback" - I guess not all of
those boots have been necessary, but I preferred it "the save way".

So, now it's all working just as I like'd to have it.

Hope this elaborate will help somebody in future...

regards

Daniel

On Saturday 26 April 2008 21.52:47, Daniel Bauer wrote:
Hi,

During boot an encrypted partition should be mounted using a using a
key-file. I get:

error on stat() /dev/mapper/cr_sdb2: No such file or directory
Failed to open the device 'dev/mapper/cr_sdb2': no such file or directory
fsck.reiserfs dev/mapper/cr_sdb2 failed (status 0x8). Run manually!

I have following partitions:
/dev/sda2 /boot (normal partition)
/dev/sda3 / (encrypted partition, password to enter during boot)
/dev/sdb1 swap (encrypted, password in /etc/crypt-swap.key)
/dev/sdb2 /mnt/test (encrypted, password in /etc/crypt-test.key)

without cr_sdb2 in fstab it boots perfect now, swap is encrypted and on.
with cr_sdb2 in fstab I get the above shown messages.

/etc/crypttab:
cr_sdb1 /dev/disk/by-id/id_of_the_disk /etc/crypt-swap.key swap
cr_sdb2   /dev/disk/by-id/id_of_the_disk   /etc/crypt-test.key   luks

in /etc/fstab I added
/dev/mapper/cr_sdb2   /mnt/test   reiserfs   acl,usr_xattr   1 2

After booting (cr_sdb2-line in fstab commented out) I can mount sdb2 with
mount /mnt/test /dev/mapper/cr_sdb2
without typing a password.

Why can't it open it at boot?

Any help possible?

Daniel

--
Daniel Bauer photographer Basel Switzerland
professional photography: http://www.daniel-bauer.com
erotic art photos: http://www.bauer-nudes.com/en/linux.html
Madagascar special: http://www.fotograf-basel.ch/madagascar/
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
References