Encrypted Debian USB OS Unable to Boot on Newer Machines
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Encrypted Debian USB OS Unable to Boot on Newer Machines
Hello!
I have been using an encrypted debian disto on a thumb drive to separate confidential data from my personal computer usage for some time now. Recently, I upgraded to a new laptop and my boot process only goes to the GRUB when booting on the new laptop. I can select my distro, but do not get to a prompt for my password. Instead, it cycles through a series of lines over and over. Included is a BUG: soft lockup error that I have had some luck removing via edit function during the distro selection screen, but I have never been able to get to my password prompt. This distro boots fine on the old laptop, just not on the new. I'd rather not have to carry around both!
My best guess is that the problem is that the newer device is UEFI and my USB distro is a legacy-booting system. This new laptop has an option in its bios for supporting both legacy and UEFI, which I needed to turn on just to get to the first screen. So that is currently set at "both". I thought that would resolve this. But then again, my desktop can boot my USB distro and it is also a UEFI setup (with a few bios tweaks having to do with my sata controller). Could it have something to do with a driver or hardware incompatibility?
I have taken a picture of what goes across the screen, as I cannot find a way to get logs if I cannot boot the system: https://imgur.com/a/JQYdzWk
NOTE: This screen shot is with an older distro option I tried to load from the bootloader, but the error appears to be the same to me regardless of the build I choose.
Is there any hope for this distro? Or do I need to start from scratch?
I'd kind of think it has to do with grub naming or support for hardware maybe over any uefi issue. In truth uefi could present some set of devices but it usually allows you to set boot order in bios. Since you say you get to grub (hopefully on usb) then we have to assume a lot is correct? How did you encrypt this?
I'm with jefro; sounds like support for hardware and a uefi issue.
Disabeling the secure boot or the quick boot may help:-
Since the distribution boots on the other machine but not on your new laptop you may just need a newer kernel to support the newer hardware.
When a system won't boot to desktop it has to be xorg, the kernel or maybe a proprietary video driver most likely.
It could also be something in the init system (sysvinit, startup and systemd) but in testing it's xorg related.
Run a update, if that doesn't work try Recovery Mode and direct it to boot when it get's around to asking what you want.
A 'soft lockup' is defined as a bug that causes the kernel to loop in kernel mode for more than 20 seconds, without giving other tasks a chance to run.
To Jefro: I encrypted it through the installer at the time and put the unencrypted boot information on a small partition on the usb drive (as opposed to a dual boot system).
To Ztcoracat: Secure boot was already disabled. I should have mentioned that. My version of debian is 9.4 currently. I have relied on apt-get update and apt-get dist-upgrade for all updating and last updated the system in late May-- as I do not typically allow this system consistent access to the internet. I can certainly try to update that and see if it helps.
Could a video driver get loaded before my system gets unencrypted though? If I do not enter my password, the contents of the operating system shouldn't be accessible yet. I assumed it had something to do with whatever comes before the OS, but maybe that is my ignorance regarding how this works.
I ran apt-get update and apt-get dist-upgrade using my old laptop. It still cannot boot to the new laptop. Same result. I disabled quick boot as recommended as well.
Booting into recovery mode results in the same repeating lines pictured above. It offers some variation though. At the end of each cycle, sooner or later, appears a message that states: "perf: interrupt took too long (##### > ####). Lowering kernel.perf_event_max_sample_rate to #######. NMI handler (perf_event_nmi_handler) took too long to run: 2.575 msecs." Other than that extra piece of information, it just cycles through this just as if I was not attempting to boot in recovery mode.
Could a video driver get loaded before my system gets unencrypted though?
I think so, yes:-
Once modprobe has identified which module file (.ko) contains the requested driver, it loads the module file into the kernel: the module code is dynamically loaded into the kernel.
The automatic loading of modules happen when the kernel detects new hotpluggable hardware.
To Jefro:
My BIOS has two options: "UEFI Only" and "UEFI and Legacy". When it was set to UEFI Only (default), I could not get to GRUB. It is now set to UEFI and Legacy, which allows me to get to GRUB. But it does not allow me to get to my password.
I am not sure what you are asking for these other two questions, but I will try to explain better. The USB drive is a bootable device. It has its own master boot record and its own partition for GRUB on the USB drive (not on any host computer). The rest is encrypted. So, to access it, I must manually select to boot from the usb drive instead of the hard drive on the laptop or desktop I am using. In essence, everything related to this OS should be local on the USB.
To install this system, I ran a Debian installation USB and left most things stock through that install. The OS went into an encrypted logical volume that filled up the whole of the drive and the GRUB is in a small partition outside of that volume so it can boot. I am not sure what else you are looking for. That may have to do with my inexperience here.
Unfortunately, I do not have spare drives to make new operating systems with and test them on this machine. I was hoping to avoid remaking the distro, but unless you all can think of anything else to try, that is probably where I will end up.
I have moved the usb drive up to the top priority in booting. The result is the same repeating lines and no password option. If I boot to the boot menu, it is listed first.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.