LinuxQuestions.org - Encrypted device cannot be found during boot, mounting fails

- Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)

- - Encrypted device cannot be found during boot, mounting fails (https://www.linuxquestions.org/questions/linux-software-2/encrypted-device-cannot-be-found-during-boot-mounting-fails-4175448578/)

Encrypted device cannot be found during boot, mounting fails

Hey there i tryed to mount my dm_crypted device during boot, but it does not work.

This is my(partially) /var/log/bot with uncommented "set -x"(debug output) in " /lib/cryptsetup/cryptdisks.functions" and correct /etc/crypttab

This is my crypttab, everything gets unlocked expect from sdb1_crypt:

Code:

#<name>    <device>  <pass>      <options>

sdb1_crypt /dev/sdb1 none        luks,timeout=0

#Swap

sda2_crypt /dev/sda2 /dev/urandom cipher=aes-cbc-essiv:sha256,size=256,swap

#Root

sda3_crypt /dev/sda3 none        luks,timeout=0

This is my fstab, again everything works, expect sdb1(because it does not get unlocked, so "/dev/mapper/sdb1_crypt" cannot be found):

Code:

#System

proc                                                /proc          proc    defaults                          f    0      0

#Root

/dev/mapper/sda3_crypt                              /              ext3    errors=remount-ro 0    1

#Boot

/dev/sda1                                          /boot          ext3    defaults        0      2

#Swap

/dev/mapper/sda2_crypt                              none            swap    sw              0      0

#Data

/dev/mapper/sdb1_crypt                              /data0          ext3    defaults        0      2

The folloing steps happen on boot:
1. grub
2. initram
3. Debian asks for "/"-partition password
4. Debian SHOULD ask for sdb1-partition password
5. swap gets "mounted" with random passphrase
6. booting continues

What i did:

I ran update-"initramfs -u -k all -v"
I fixed my /etc/crypttab, a "#" was missing at the beginning
I can mount the device with cryptsetup / mount after boot.
The system cannot find /dev/sdb during boot, but later i can mount it. can i let cryptodisks later when all drives are availible?

I´m running debian 6.0.6
kernel 2.6.3.2-5-amd64 x86_64
Version of cryptsetup is 2:1.1.3-4squeeze2

Firstly you don't need to have the / partition (sdb3_crypt) in /etc/crypttab, since you give it in the kernel parameters or somewhere in the initrd. And you don't need to set luks in the options, cryptsetup detects it automatically.

The biggest problem could be the timeout. Why do you set it anyway and why to 0? Maybe that's the main reason.

Another reason could be the none in the password field. I don't know Debian but in some distros you need to set the password field to ASK, in some you need to leave it empty, if you want to be asked for the password at boot time. You have to look it up for your distro.

So i removed / from crypttab, the system still boots. I removed all options, cryptsetup tells me that options are missing, so i set them to "default". I tried to set the pw to none, to ASK, and "", and i tried to user blkid / UUID. Everything failed with "device * does not exist. I really want to mount the hard drive during boot, it worked with openSUSE, so should it work with debian!

I hope you haven't removed the options for the swap partition (sda2_crypt).

Which device does not exist? And have you tried to just removing the timeout from the options and keeping luks in the options and none in the password field?

Like this:

Code:

sdb1_crypt /dev/sdb1 none luks

I have used cryptsetup with several distros, so with Debian it should indeed work, too. But every distribution has a slightly different syntax for /etc/crypttab.

no the swap is where it is supposed to be! I´ll try luks as option now, brb. It says that what is logged in the /var/log/boot logfile, linked in the first post:

Code:

device /dev/sdb1/ does not exist

Code:

device /dev/disks/by-uuid/the_uuid_of_sdb1 does not exist

EDIT: with that line:

Code:

sdb1_crypt /dev/sdb1 none luks

i still get the error, that sdb1 does not exist:

Code:

cat /var/log/boot

...

Tue Feb  5 19:31:05 2013: + handle_crypttab_line_start sdb1_crypt /dev/sdb1 none                                                                                                                                                              luks

Tue Feb  5 19:31:05 2013: + dst=sdb1_crypt

Tue Feb  5 19:31:05 2013: + src=/dev/sdb1

Tue Feb  5 19:31:05 2013: + key=none

Tue Feb  5 19:31:05 2013: + opts=luks

Tue Feb  5 19:31:05 2013: + [ -z sdb1_crypt ]

Tue Feb  5 19:31:05 2013: + [ -z /dev/sdb1 ]

Tue Feb  5 19:31:05 2013: + [ -z none ]

Tue Feb  5 19:31:05 2013: + [ -z luks ]

Tue Feb  5 19:31:05 2013: + [ /dev/sdb1 != /dev/sdb1 ]

Tue Feb  5 19:31:05 2013: + [ /dev/sdb1 != /dev/sdb1 ]

Tue Feb  5 19:31:05 2013: + parse_opts luks

Tue Feb  5 19:31:05 2013: + local opts opt IFS PARAM VALUE

Tue Feb  5 19:31:05 2013: + echo -n luks

Tue Feb  5 19:31:05 2013: + sed s/ *#.*//

Tue Feb  5 19:31:05 2013: + opts=luks

Tue Feb  5 19:31:05 2013: + PARAMS=

Tue Feb  5 19:31:05 2013: + CHECK=

Tue Feb  5 19:31:05 2013: + CHECKARGS=

Tue Feb  5 19:31:05 2013: + PRECHECK=

Tue Feb  5 19:31:05 2013: + TRIES=3

Tue Feb  5 19:31:05 2013: + TMPFS=

Tue Feb  5 19:31:05 2013: + MAKESWAP=

Tue Feb  5 19:31:05 2013: + USELUKS=

Tue Feb  5 19:31:05 2013: + KEYSCRIPT=

Tue Feb  5 19:31:05 2013: + IGNORE=

Tue Feb  5 19:31:05 2013: + CRYPTTAB_OPTIONS=

Tue Feb  5 19:31:05 2013: + LOUD=yes

Tue Feb  5 19:31:05 2013: + IFS=,

Tue Feb  5 19:31:05 2013: + echo luks

Tue Feb  5 19:31:05 2013: + sed s/=.*//

Tue Feb  5 19:31:05 2013: + PARAM=luks

Tue Feb  5 19:31:05 2013: + echo luks

Tue Feb  5 19:31:05 2013: + sed /=/!d;s/^.*=//

Tue Feb  5 19:31:05 2013: + VALUE=

Tue Feb  5 19:31:05 2013: + USELUKS=yes

Tue Feb  5 19:31:05 2013: + CRYPTTAB_OPTIONS= luks

Tue Feb  5 19:31:05 2013: + [ -z  ]

Tue Feb  5 19:31:05 2013: + VALUE=yes

Tue Feb  5 19:31:05 2013: + eval export CRYPTTAB_OPTION_luks="yes"

Tue Feb  5 19:31:05 2013: + export CRYPTTAB_OPTION_luks=yes

Tue Feb  5 19:31:05 2013: + export CRYPTTAB_OPTIONS

Tue Feb  5 19:31:05 2013: + return 0

Tue Feb  5 19:31:05 2013: + [  = yes ]

Tue Feb  5 19:31:05 2013: + check_key

Tue Feb  5 19:31:05 2013: + local GMODE OMODE OWNER GROUP

Tue Feb  5 19:31:05 2013: + [ -n  ]

Tue Feb  5 19:31:05 2013: + [ -z none ]

Tue Feb  5 19:31:05 2013: + [ none = none ]

Tue Feb  5 19:31:05 2013: + key=

Tue Feb  5 19:31:05 2013: + return 0

Tue Feb  5 19:31:05 2013: + lo_setup

Tue Feb  5 19:31:05 2013: + [ ! -f /dev/sdb1 ]

Tue Feb  5 19:31:05 2013: + return 0

Tue Feb  5 19:31:05 2013: + export CRYPTTAB_NAME=sdb1_crypt

Tue Feb  5 19:31:05 2013: + export CRYPTTAB_SOURCE=/dev/sdb1

Tue Feb  5 19:31:05 2013: + export CRYPTTAB_KEY=

Tue Feb  5 19:31:05 2013: + [ ! -r /dev/sdb1 ]

Tue Feb  5 19:31:05 2013: + [ yes = yes ]

Tue Feb  5 19:31:05 2013: + device_msg sdb1_crypt skipped, device /dev/sdb1 does                                                                                                                                                              not exist

Tue Feb  5 19:31:05 2013: + local dst msg

Tue Feb  5 19:31:05 2013: + dst=sdb1_crypt

Tue Feb  5 19:31:05 2013: + msg=skipped, device /dev/sdb1 does not exist

Tue Feb  5 19:31:05 2013: + [ no != no ]

Tue Feb  5 19:31:05 2013: + return 1

Tue Feb  5 19:31:05 2013: + log_action_end_msg 1

Tue Feb  5 19:31:05 2013: + log_action_end_msg_pre 1

...

EDIT2: Yey! It´s working! i dont know why, but after rebooting it finally worked! thanks everyone!
EDIT3: After next reboot, still the same error...
EDIT4: Got it. When debian does an fsck before cryptdisks-early and before this message:

Code:

[sdb] Assuming drive cache: write through

it works. however, if there is no fsck, it does not work. i fixed it temporary via checking my "/boot" partition every boot ( tune2fs -c 1 /dev/sda1 ), but i still want to get a real solution. if the drive cache is the problem, how can i fix it?

EDIT5: fixing it via /boot didn´t work, i use / now, it is slower, but it works. I cought the process with my camera: Click

How can i tell the system to use write through as drive cache, and not blocking the partition during the encryption??

Quote:

Originally Posted by tobiaspc (Post 4884946)

no the swap is where it is supposed to be! I´ll try luks as option now, brb. It says that what is logged in the /var/log/boot logfile, linked in the first post:

Code:

device /dev/sdb1/ does not exist

Code:

device /dev/disks/by-uuid/the_uuid_of_sdb1 does not exist

Quote:

Originally Posted by tobiaspc (Post 4884946)

Code:

[sdb] Assuming drive cache: write through

Quote:

Originally Posted by tobiaspc (Post 4884946)

How can i tell the system to use write through as drive cache, and not blocking the partition during the encryption??

Your problem is not the encryption and your /etc/crypttab, even if it looked a bit strange, at least the timeout. Your problem is a problem with your hardware, your initrd, udev or Debian's initsystem, because your harddisk /dev/sdb is not recognized.

Is it an internal or an external harddisk? If it's an internal one, is it recognized by your BIOS? Is your harddisk failing? If it's recognized by your BIOS and not failing then it could probably be an issue with Debian's initscripts or a misconfigured initrd, if it's an external harddisk it's probably a bug in udev (timeout, udev rules triggered too early, wrong udev rules, etc.).

If you can rule out a hardware issue I'd suggest asking on a Debian forum or mailing list, and not asking about a non working encryption, but a not detected harddisk.

It is an external USB 2.0 2TB hard drive. It is definitely working, i did several i/o test yesterday.

Then it looks pretty much like an issue with udev and/or Debian's init system, which I don't know. There's either a wrong udev rule, a udev timeout (the harddisk responds too late or udev waits not long enough), cryptsetup is called before udev is settled or the udev rules are triggered or something like that.