Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [crypttab]

25 questions
6
votes
1 answer

Detached LUKS-header on Debian-based GNU/Linux

There is scattered information on how to set up a detached header for a LUKS-encrypted disk on Stack Exchange.  And by searching the web using Google, I found limited information.  Some of the best information I found is linked to at the bottom of…
Mikkel Rev
  • 243
  • 1
  • 8
5
votes
2 answers

crypttab and fstab UUID's

This works: crypttab: sda2_crypt UUID=6bbba323-ddad-479d-863e-4bd939b46f96 none luks,swap sda3_crypt UUID=3087cec6-dcc9-44ee-8a08-5555bb2ca566 none luks fstab: /dev/mapper/sda3_crypt / ext4 errors=remount-ro 0 …
oak-island-pirate
  • 145
  • 2
  • 14
5
votes
2 answers

How to not store hdd encryption key on machine, but still mount on boot?

Setup: I'm using a raspberry pi with a USB HDD, running arch linux and syncthing for my own "cloud" sync. Problem: In case of a physical break-in where the HDD pi and HDD is stolen, I'd like to ensure that the files on the HDD remain…
kidmose
  • 185
  • 1
  • 8
4
votes
1 answer

Difference between cryptopts and crypttab

I'm setting up an encrypted root fs, which I've done before, but this time I'm using a PGP-encrypted keyfile with a symmetric password to familiarize myself with the process. There are two places where configuration of encrypted roots seems to…
Naftuli Kay
  • 38,686
  • 85
  • 220
  • 311
3
votes
4 answers

/etc/crypttab not updating in initramfs

I have a new installation of ubuntu 22.04, with full disk encryption (LUKS) and ZFS picked from the ubuntu installer options. I need to make some edits to /etc/crypttab so that unlocking my drives works in an automatic way (fancy usb auto unlock),…
Bob Arezina
  • 131
  • 1
  • 3
3
votes
1 answer

how to let the systemd cryptsetup automatically mount the usb key which contain keyfile?

In ubuntu 19.10 I followed the example here. The keyfile is at the root of usb key filesystem. usbkey has uuid yyyy. the /etc/crypttab is like this: encrypted UUID=xxxx /keyfile:UUID=yyyy luks,keyfile-timeout=60,x-systemd.device-timeout=2min The…
Wang
  • 1,212
  • 2
  • 15
  • 26
2
votes
0 answers

cryptsetup ignoring unknown option 'tpm2-device'

I have been trying to get LUKS disk encryption with TPM2 working on an HP EliteBook 850 G8 running Kali Linux 2022.3. However, I am struggling to get TPM2 disk decryption added to Initramfs. Steps I have taken so far: Ensured that TPM2 is enabled…
lxndrblz
  • 21
  • 1
2
votes
0 answers

How to make boot drive encryption work with PKCS#11 Smart card in Fedora (35)

On Fedora Workstation 35 here. systemd v249 I am trying to unlock root LUKS volume with smart card on BOOT, but it does not work. I added to /etc/crypttab mydisk UUID=496e1cd5-712f-44ab-ad02-5fb6f7419af8 none pkcs11-token-uri=auto,luks,discard My…
Boris Hamanov
  • 195
  • 1
  • 9
2
votes
1 answer

invalid line /etc/crypttab

I am troubleshooting a debian system that will not boot; the system booted fine, and one day ceased to do so (possibly but not definitely related to an apt upgrade). It has a small boot partition (sda1), a LUKS container on sda2. Inside the LUKS…
user001
  • 3,598
  • 5
  • 39
  • 54
2
votes
1 answer

change designated name of encrypted lvm root? from sdo to sdn in crypttab?

I installed debian stretch using encrypted lvm from the installer on a usb drive. during installation, with all disks connected, sdo5 is assigned to my boot disk. when running the full system, my boot disk is now assigned sdn5 this is problematic,…
jakethedog
  • 225
  • 1
  • 13
2
votes
1 answer

Why is my keyfile in /etc/crypttab not recognized?

I setup dm-crypt for a non-root partition on an Arch Linux installation and referenced a keyfile in /etc/crypttab (permissions -rw-------). However, during startup, I still get prompted for the password. It does however recognize the name of the…
Steven Roose
  • 319
  • 1
  • 2
  • 10
2
votes
1 answer

Enabling FIPS on a luks encrypted CentOS system breaks boot password

For one of my apps I need to enable FIPS for OpenSSL, while simultaneously using software disk encryption. VM #1 I launched a CentOS VM instance which was software encrypted during install. The system booted fine (after entering the boot…
a coder
  • 3,184
  • 9
  • 42
  • 63
1
vote
1 answer

Mount a LUKS encrypted EXT4 formated image file when mount folder is accessed (using autofs)

Here's what I'd like to do. Use autofs to automount an encrypted luks image file when the target directory is accessed. I've been playing with both fstab and crypttab, but to no luck. I do NOT want to use a key file to decrypt it. A password prompt…
JDMcMillian
  • 121
  • 5
1
vote
0 answers

restoring using timeshift with an encrypted disk from a fresh live usb install

if you're using the live usb (this is specific to pop!_os 21.04, but i think it would apply to ubuntu etc) and you do a fresh reinstall, would you need to boot into the new system to get access to the newly created /etc/fstab file (and crypttab…
zfigz
  • 11
  • 3
1
vote
0 answers

How to mount a btrfs subvolume via fstab? Has the root subvolume to be already mounted elsewhere?

I'm trying to mount two btrfs subvolumes from a same (luks-encrypted) device via the entries in fstab. The crypttab entry must be correct, since the system asks for the password on boot. But then it hangs with a black screen. The entries are: (this…
d.k
  • 245
  • 4
  • 10
1
2