LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 02-04-2013, 12:49 PM   #1
tobiaspc
LQ Newbie
 
Registered: Feb 2013
Distribution: Debian 6.06, openSUSE 12.2
Posts: 11

Rep: Reputation: Disabled
Question Encrypted device cannot be found during boot, mounting fails


Hey there i tryed to mount my dm_crypted device during boot, but it does not work.

This is my(partially) /var/log/bot with uncommented "set -x"(debug output) in " /lib/cryptsetup/cryptdisks.functions" and correct /etc/crypttab

This is my crypttab, everything gets unlocked expect from sdb1_crypt:

Code:
#<name>     <device>  <pass>       <options>
sdb1_crypt /dev/sdb1 none         luks,timeout=0
#Swap
sda2_crypt /dev/sda2 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,swap
#Root
sda3_crypt /dev/sda3 none         luks,timeout=0
This is my fstab, again everything works, expect sdb1(because it does not get unlocked, so "/dev/mapper/sdb1_crypt" cannot be found):

Code:
#System
proc                                                /proc           proc    defaults                          f    0       0
#Root
/dev/mapper/sda3_crypt                              /               ext3    errors=remount-ro 0     1
#Boot
/dev/sda1                                           /boot           ext3    defaults        0       2
#Swap
/dev/mapper/sda2_crypt                              none            swap    sw              0       0
#Data
/dev/mapper/sdb1_crypt                              /data0          ext3    defaults        0       2
The folloing steps happen on boot:
1. grub
2. initram
3. Debian asks for "/"-partition password
4. Debian SHOULD ask for sdb1-partition password
5. swap gets "mounted" with random passphrase
6. booting continues

What i did:

I ran update-"initramfs -u -k all -v"
I fixed my /etc/crypttab, a "#" was missing at the beginning
I can mount the device with cryptsetup / mount after boot.
The system cannot find /dev/sdb during boot, but later i can mount it. can i let cryptodisks later when all drives are availible?

Iīm running debian 6.0.6
kernel 2.6.3.2-5-amd64 x86_64
Version of cryptsetup is 2:1.1.3-4squeeze2

Last edited by tobiaspc; 02-04-2013 at 12:52 PM.
 
Old 02-05-2013, 01:17 AM   #2
cyberpatrol
Member
 
Registered: Dec 2012
Posts: 75

Rep: Reputation: Disabled
Firstly you don't need to have the / partition (sdb3_crypt) in /etc/crypttab, since you give it in the kernel parameters or somewhere in the initrd. And you don't need to set luks in the options, cryptsetup detects it automatically.

The biggest problem could be the timeout. Why do you set it anyway and why to 0? Maybe that's the main reason.

Another reason could be the none in the password field. I don't know Debian but in some distros you need to set the password field to ASK, in some you need to leave it empty, if you want to be asked for the password at boot time. You have to look it up for your distro.
 
Old 02-05-2013, 09:21 AM   #3
tobiaspc
LQ Newbie
 
Registered: Feb 2013
Distribution: Debian 6.06, openSUSE 12.2
Posts: 11

Original Poster
Rep: Reputation: Disabled
So i removed / from crypttab, the system still boots. I removed all options, cryptsetup tells me that options are missing, so i set them to "default". I tried to set the pw to none, to ASK, and "", and i tried to user blkid / UUID. Everything failed with "device * does not exist. I really want to mount the hard drive during boot, it worked with openSUSE, so should it work with debian!
 
Old 02-05-2013, 10:15 AM   #4
cyberpatrol
Member
 
Registered: Dec 2012
Posts: 75

Rep: Reputation: Disabled
I hope you haven't removed the options for the swap partition (sda2_crypt).

Which device does not exist? And have you tried to just removing the timeout from the options and keeping luks in the options and none in the password field?

Like this:
Code:
sdb1_crypt /dev/sdb1 none luks
I have used cryptsetup with several distros, so with Debian it should indeed work, too. But every distribution has a slightly different syntax for /etc/crypttab.
 
Old 02-05-2013, 12:24 PM   #5
tobiaspc
LQ Newbie
 
Registered: Feb 2013
Distribution: Debian 6.06, openSUSE 12.2
Posts: 11

Original Poster
Rep: Reputation: Disabled
no the swap is where it is supposed to be! Iīll try luks as option now, brb. It says that what is logged in the /var/log/boot logfile, linked in the first post:

Code:
device /dev/sdb1/ does not exist
or

Code:
device /dev/disks/by-uuid/the_uuid_of_sdb1 does not exist

EDIT: with that line:
Code:
sdb1_crypt      /dev/sdb1     none              luks
i still get the error, that sdb1 does not exist:

Code:
cat /var/log/boot
...
Tue Feb  5 19:31:05 2013: + handle_crypttab_line_start sdb1_crypt /dev/sdb1 none                                                                                                                                                              luks
Tue Feb  5 19:31:05 2013: + dst=sdb1_crypt
Tue Feb  5 19:31:05 2013: + src=/dev/sdb1
Tue Feb  5 19:31:05 2013: + key=none
Tue Feb  5 19:31:05 2013: + opts=luks
Tue Feb  5 19:31:05 2013: + [ -z sdb1_crypt ]
Tue Feb  5 19:31:05 2013: + [ -z /dev/sdb1 ]
Tue Feb  5 19:31:05 2013: + [ -z none ]
Tue Feb  5 19:31:05 2013: + [ -z luks ]
Tue Feb  5 19:31:05 2013: + [ /dev/sdb1 != /dev/sdb1 ]
Tue Feb  5 19:31:05 2013: + [ /dev/sdb1 != /dev/sdb1 ]
Tue Feb  5 19:31:05 2013: + parse_opts luks
Tue Feb  5 19:31:05 2013: + local opts opt IFS PARAM VALUE
Tue Feb  5 19:31:05 2013: + echo -n luks
Tue Feb  5 19:31:05 2013: + sed s/ *#.*//
Tue Feb  5 19:31:05 2013: + opts=luks
Tue Feb  5 19:31:05 2013: + PARAMS=
Tue Feb  5 19:31:05 2013: + CHECK=
Tue Feb  5 19:31:05 2013: + CHECKARGS=
Tue Feb  5 19:31:05 2013: + PRECHECK=
Tue Feb  5 19:31:05 2013: + TRIES=3
Tue Feb  5 19:31:05 2013: + TMPFS=
Tue Feb  5 19:31:05 2013: + MAKESWAP=
Tue Feb  5 19:31:05 2013: + USELUKS=
Tue Feb  5 19:31:05 2013: + KEYSCRIPT=
Tue Feb  5 19:31:05 2013: + IGNORE=
Tue Feb  5 19:31:05 2013: + CRYPTTAB_OPTIONS=
Tue Feb  5 19:31:05 2013: + LOUD=yes
Tue Feb  5 19:31:05 2013: + IFS=,
Tue Feb  5 19:31:05 2013: + echo luks
Tue Feb  5 19:31:05 2013: + sed s/=.*//
Tue Feb  5 19:31:05 2013: + PARAM=luks
Tue Feb  5 19:31:05 2013: + echo luks
Tue Feb  5 19:31:05 2013: + sed /=/!d;s/^.*=//
Tue Feb  5 19:31:05 2013: + VALUE=
Tue Feb  5 19:31:05 2013: + USELUKS=yes
Tue Feb  5 19:31:05 2013: + CRYPTTAB_OPTIONS= luks
Tue Feb  5 19:31:05 2013: + [ -z  ]
Tue Feb  5 19:31:05 2013: + VALUE=yes
Tue Feb  5 19:31:05 2013: + eval export CRYPTTAB_OPTION_luks="yes"
Tue Feb  5 19:31:05 2013: + export CRYPTTAB_OPTION_luks=yes
Tue Feb  5 19:31:05 2013: + export CRYPTTAB_OPTIONS
Tue Feb  5 19:31:05 2013: + return 0
Tue Feb  5 19:31:05 2013: + [  = yes ]
Tue Feb  5 19:31:05 2013: + check_key
Tue Feb  5 19:31:05 2013: + local GMODE OMODE OWNER GROUP
Tue Feb  5 19:31:05 2013: + [ -n  ]
Tue Feb  5 19:31:05 2013: + [ -z none ]
Tue Feb  5 19:31:05 2013: + [ none = none ]
Tue Feb  5 19:31:05 2013: + key=
Tue Feb  5 19:31:05 2013: + return 0
Tue Feb  5 19:31:05 2013: + lo_setup
Tue Feb  5 19:31:05 2013: + [ ! -f /dev/sdb1 ]
Tue Feb  5 19:31:05 2013: + return 0
Tue Feb  5 19:31:05 2013: + export CRYPTTAB_NAME=sdb1_crypt
Tue Feb  5 19:31:05 2013: + export CRYPTTAB_SOURCE=/dev/sdb1
Tue Feb  5 19:31:05 2013: + export CRYPTTAB_KEY=
Tue Feb  5 19:31:05 2013: + [ ! -r /dev/sdb1 ]
Tue Feb  5 19:31:05 2013: + [ yes = yes ]
Tue Feb  5 19:31:05 2013: + device_msg sdb1_crypt skipped, device /dev/sdb1 does                                                                                                                                                              not exist
Tue Feb  5 19:31:05 2013: + local dst msg
Tue Feb  5 19:31:05 2013: + dst=sdb1_crypt
Tue Feb  5 19:31:05 2013: + msg=skipped, device /dev/sdb1 does not exist
Tue Feb  5 19:31:05 2013: + [ no != no ]
Tue Feb  5 19:31:05 2013: + return 1
Tue Feb  5 19:31:05 2013: + log_action_end_msg 1
Tue Feb  5 19:31:05 2013: + log_action_end_msg_pre 1
...
EDIT2: Yey! Itīs working! i dont know why, but after rebooting it finally worked! thanks everyone!
EDIT3: After next reboot, still the same error...
EDIT4: Got it. When debian does an fsck before cryptdisks-early and before this message:

Code:
[sdb] Assuming drive cache: write through
it works. however, if there is no fsck, it does not work. i fixed it temporary via checking my "/boot" partition every boot ( tune2fs -c 1 /dev/sda1 ), but i still want to get a real solution. if the drive cache is the problem, how can i fix it?

EDIT5: fixing it via /boot didnīt work, i use / now, it is slower, but it works. I cought the process with my camera: Click

How can i tell the system to use write through as drive cache, and not blocking the partition during the encryption??

Last edited by tobiaspc; 02-05-2013 at 02:08 PM. Reason: updated
 
Old 02-05-2013, 04:41 PM   #6
cyberpatrol
Member
 
Registered: Dec 2012
Posts: 75

Rep: Reputation: Disabled
Quote:
Originally Posted by tobiaspc View Post
no the swap is where it is supposed to be! Iīll try luks as option now, brb. It says that what is logged in the /var/log/boot logfile, linked in the first post:

Code:
device /dev/sdb1/ does not exist
or

Code:
device /dev/disks/by-uuid/the_uuid_of_sdb1 does not exist
Quote:
Originally Posted by tobiaspc View Post
EDIT2: Yey! Itīs working! i dont know why, but after rebooting it finally worked! thanks everyone!
EDIT3: After next reboot, still the same error...
EDIT4: Got it. When debian does an fsck before cryptdisks-early and before this message:

Code:
[sdb] Assuming drive cache: write through
it works. however, if there is no fsck, it does not work. i fixed it temporary via checking my "/boot" partition every boot ( tune2fs -c 1 /dev/sda1 ), but i still want to get a real solution. if the drive cache is the problem, how can i fix it?
Quote:
Originally Posted by tobiaspc View Post
How can i tell the system to use write through as drive cache, and not blocking the partition during the encryption??
Your problem is not the encryption and your /etc/crypttab, even if it looked a bit strange, at least the timeout. Your problem is a problem with your hardware, your initrd, udev or Debian's initsystem, because your harddisk /dev/sdb is not recognized.

Is it an internal or an external harddisk? If it's an internal one, is it recognized by your BIOS? Is your harddisk failing? If it's recognized by your BIOS and not failing then it could probably be an issue with Debian's initscripts or a misconfigured initrd, if it's an external harddisk it's probably a bug in udev (timeout, udev rules triggered too early, wrong udev rules, etc.).

If you can rule out a hardware issue I'd suggest asking on a Debian forum or mailing list, and not asking about a non working encryption, but a not detected harddisk.
 
Old 02-06-2013, 08:30 AM   #7
tobiaspc
LQ Newbie
 
Registered: Feb 2013
Distribution: Debian 6.06, openSUSE 12.2
Posts: 11

Original Poster
Rep: Reputation: Disabled
It is an external USB 2.0 2TB hard drive. It is definitely working, i did several i/o test yesterday.
 
Old 02-06-2013, 08:54 AM   #8
cyberpatrol
Member
 
Registered: Dec 2012
Posts: 75

Rep: Reputation: Disabled
Then it looks pretty much like an issue with udev and/or Debian's init system, which I don't know. There's either a wrong udev rule, a udev timeout (the harddisk responds too late or udev waits not long enough), cryptsetup is called before udev is settled or the udev rules are triggered or something like that.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Encrypted device cannot be found during boot, mounting fails tobiaspc Linux - Software 1 02-04-2013 12:57 PM
[SOLVED] Skip mounting encrypted volume at boot Yalla-One Fedora 6 10-11-2011 01:37 AM
Mounting encrypted LVM - Device /dev/.../lv_home is not a valid LUKS device. recarv Linux - Hardware 3 02-15-2011 02:38 PM
[SOLVED] SuSE fails to boot from qLogic Fibre channel card - "No root device found" nonshatter Suse/Novell 4 11-01-2010 07:38 AM
mount encrypted filesystem fails on boot blackcompany Suse/Novell 0 06-12-2006 09:26 AM


All times are GMT -5. The time now is 09:13 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration