Encrypted Kralizec installation - no cryptsetup after reboot?

  • Hello,

    I'm trying to install a fully encrypted system (except /boot) with Kralizec ISO similarly as I did with old 0.3.x (http://wiki.openmediavault.org…2C_feedback.2C_discussion).
    All I changed in the ISO is once again just commenting out all lines in "### Partitioning" section to get full access to the partitioning options. I didn't have to load any additional modules during the installation as the current installer already has xts.ko and gf128mul.ko included. There's no need to re-create the encrypted partition as the installer by default uses aes-xts-plain64 now. So, it'd seem that it should be nice and easy thing, everything could be set up through the installer, but...
    Everything installs properly but after the reboot system doesn't ask for encryption password to the partition. It fails on searching for LVM volumes, which is obvious if the encryption partition isn't open. I even tried the simplest option with encryption from the installer - Guided partitioning with everything on one encrypted partition - still the same problem after first reboot.

    So I tried the same with clean Debian minimal network ISO and it nicely asks for the password after the reboot... So it looks like Kralizec image is somehow faulty - like cryptsetup startup scripts are missing after the restart. Any idea how to fix it or how to update the Kralizec ISO to work the same way as the original Debian one?
    I know I can simply install Debian and put Kralizec on top but I'd prefer to go with the image you created as I believe you've tweaked everything in the best possible way :)

    Thanks in advance for any help. I spend full two days and countless reinstallations in VBox to make it working, with no luck so far :(

    Update: I tried to install also to chroot into installed system before the reboot (similarly as described in my initial guide linked above) and install cryptsetup manually there (and run "update-initramfs –u" after that) - no change, still doesn't boot. What might be stripped from Kralizec image that it allows the installer to create all necessary partitions but it won't boot with encryption?

  • I have some progress. I managed to boot it when I when through following additional steps:

    • When I'm chroot'ed into installed system during the installation, but just before the reboot, I installed cryptsetup manually

      /etc/init.d/networking restart
      apt-get update
      apt-get install cryptsetup kbd
      update-initramfs -k all -u

    • After first reboot encrypted partition is still not open so startup just drops to busybox, so I opened it manually, scanned for logical volumes and exited busybox to boot to the final system

      cryptsetup luksOpen /dev/sda5 sda5_crypt
      lvm vgscan
      lvm vgchange -ay

    • When the system finally booted - installed all updates through update manager in OMV UI

    It still shows "volume group not found" error after reboot but just after that it asks for the password to the encrypted partition and then boots properly.

    Does anyone have some idea why cryptsetup and its configuration is missing when simply using the installer?

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!