Hi Everyone! I am on SLES12.5 and could use some serious help.

I was given an existing golden image and told to setup data at rest encryption on the /home directory and the /DATA(our custom Data dir). It was also requersted that I not use a keyfile but make the user enter the password on boot. I did not want to break the system so I decided I would create a new partition for /home and start from there. it ended up being sda9. I used luks to encrypt the partition. opened the partition, mounted it manually successfully.

I created the entry in the /etc/crypttab file as follows:

I created the entry in the /etc/fstab file as follows:
I ensured the boot.crypto init script was installed from here and was enabled:
OpenSuse boot.crypto github

The system starts to boot normally, and pauses durring boot to ask me to enter the encryption passphrase. Upon successfully entering the passphrase boot continues and does the following:

Running an ll on /dev/mapper to find luksHome you can see it hasnt unlocked and mapped the drive yet.

IF I then go and comment out the fstab entry for /dev/mapper/luksHome and reboot, the system boots as expected. It Pauses booting to ask for the password and continues to boot successfully. Once logged into the OS, I open a terminal, su to root, and run the ll on /dev/mapper again.

Can Anyone at all tell me what I am doing wrong? I am almost positive it it is in the /etc/fstab entry, but the entry looks ok and I have even tried the enrty as follows with no success. This stuff is usually my bread and butter so saying i have reached peak frustration is an understatement.

Thanks again!

Hi,

Can you see how the partition has mounted when it is not in fstab?

Compare with the fstab commented line to see what change, maybe you need to update it.

Hope that helps.

Viel.

Hi, I can mount it manually and even run mount -av and get a successful mount with no issues. I have a feeling that the OS is trying to mount the partition before it is decrypted but im not sure how to fix the order of operations there.