Zum Inhalt

Monat: Dezember 2017

Unlock your /home partition and other volumes with cryptsetup on boot (Ubuntu 17.10 / systemd)

With Ubuntu 17.10 using systemd 234-2ubuntu12.1 (as of me writing this) you cannot just do it the obvious way:

This will create lines and/or keyfiles in /etc/crypttab, which systemd happily ignores. At least the unit-files systemd will generate on the fly will fail.

The way to do it, is adding the correct kernel boot parameters luks.uuid= and luks.options= lines to your grub config file.

For Ubuntu, i had to change /etc/default/grub from

GRUB_CMDLINE_LINUX=""

to

GRUB_CMDLINE_LINUX="luks.uuid=c142f353-fbe8-4965-931e-c9b1e9503fcd luks.uuid=91d55cef-d26c-4e42-8d97-c17a8df79c58 luks.options=timeout=90s"

Fun fact: if you leave out the timeout specification, systemd will simply not ask for the password, stating the timeout expired ^_^

After changing the file, run

sudo update-grub

Leave a Comment