Page MenuHomeSolus

LUKS password prompted twice on boot
Open, Needs TriagePublic

Description

Hello,

I'm trying to figure out a way to enter my encryption password only once on boot. On boot I first get prompted for my SSD device password:

Please enter passphrase for disk HP SSD EX920 1TB (luks-yyy)!

Then for:

Please enter passphrase for disk SolusCrypto on /!

I've configured /loader/entries/Solus-current-5.2.2-122.conf as such:

title Solus 4.0 Fortitude
linux /EFI/com.solus-project/kernel-com.solus-project.current.5.2.2-122
initrd /EFI/com.solus-project/initrd-com.solus-project.current.5.2.2-122
options root=UUID=xxx rd.luks.uuid=yyy quiet loglevel=3 splash systemd.show_status=false rw radeon.si_support=0 radeon.cik_support=0 amdgpu.si_support=1 amdgpu.cik_support=1

I think it has something to do with how rd.luks.uuid is configured.

Tried to reference this and this but the options are confusion.

/etc/crypttab is configured as such:

SolusCrypto UUID=yyy luks

/etc/fstab is configured as such:

none        /proc        proc    nosuid,noexec  0 0
none        /dev/shm     tmpfs   defaults	0 0
/dev/mapper/SolusCrypto /   ext4    rw,relatime,errors=remount-ro   0   1

Any advice?

Also any way to make the splash screen on boot nicer than a plane black; looks like terminal? I didn't install Solus by erasing and install luks on install. I first install windows, then setup LVM/luks and installed solus on that. I imagine the default install would place a nice splash screen? Anyway to implement this manually?

Event Timeline

circlenaut updated the task description. (Show Details)Jul 30 2019, 2:04 AM

nahidtislam on reddit helpmed me out with this one. Here's the solution.

you don’t need the LUKS information of your root partition in your /etc/crypttab. That’s taken care of on your /boot/loader/entries/Solus-*.conf file.

This is why you’re promoted to type your luks password twice. Remove your root partition in your /etc/crypttab and you should only be promoted once.

If you want to name your luks slug so it uses the name rather than luks-yyyy, firstly open your /boot/loader/entries/Solus-*.conf file as root with your favourite text editor. Then change rd.luks.uuid=yyyy to rd.luks.name=yyyy=theName (where yyyy is your luks-uuid and theName is what you want to name your luks slug (in this case, it would be SolusCrypto))