Hello everyone,
I am having a strange issue with a full disk encryption setup of a new Debian 12 (Bookworm) installation. I used debootstrap from the latest Debian Live 12 USB image and followed the Debian guide on full disk encryption.
I use LVM to create a logical volume for hosting the swap partition, which is encrypted with LUKS:
I have created the /etc/crypttab entry:
and the /etc/fstab entry:
and of course my LUKS key /etc/luks/keyfiles/luksswap.keyfile exists. I expect the SWAP volume to be decrypted with the key after the root volume is decrypted, but instead the system asks for a passphrase in every boot for SWAP.
I use the same setup in Debian 11 and all is working as expected, unlocking my SWAP volume after root filesystem is unlocked.
Any ideas what am I missing here?
I am having a strange issue with a full disk encryption setup of a new Debian 12 (Bookworm) installation. I used debootstrap from the latest Debian Live 12 USB image and followed the Debian guide on full disk encryption.
I use LVM to create a logical volume for hosting the swap partition, which is encrypted with LUKS:
Code:
# lsblk --fs /dev/<my disk>NAME FSTYPE FSVER LABEL UUID FSAVAIL FSUSE% MOUNTPOINTsde3 LVM2_member LVM2 001 XXXXXX-YYYY-XXXX-YYYY-XXXX-YYYY-XXXXXX ├─debian_systemvg-swaplv crypto_LUKS 2 XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX │ └─luksswap swap 1 DEBIAN_SWAP YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY [SWAP]... <other volumes>Code:
luksswap UUID=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX /etc/luks/keyfiles/luksswap.keyfile luksCode:
UUID=YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY none swap defaults,pri=-2 0 0I use the same setup in Debian 11 and all is working as expected, unlocking my SWAP volume after root filesystem is unlocked.
Any ideas what am I missing here?
Statistics: Posted by IT-Nerd — 2024-08-07 16:12 — Replies 0 — Views 21