Comments on: encrypted root file system on LVM Blogs and Ramblings of the openSUSE Members Fri, 06 Mar 2020 17:50:09 +0000 hourly 1 By: Earl Ruby Tue, 16 Jun 2009 15:06:17 +0000 You need to re-add it to menu.lst and re-run mkinitrd. If you updated your kernel and then rebooting failed, boot off the SUSE Live CD disk, fire up Gnome Terminal, and:

cryptsetup luksOpen /dev/sda2 root

Enter decrypt password. Then:

mount /dev/mapper/system-root /mnt
mount /dev/mapper/system-usr /mnt/usr
mount /dev/sda1 /mnt/boot
for i in dev sys proc; do mount --bind /$i /mnt/$i; done
chroot /mnt

Add “luks_root=/dev/sda2” to /boot/grub/menu.lst, then re-run mkinitrd.

To keep kernel updates from messing up your system again, add the string “luks_root=/dev/sda2” to the end of the DEFAULT_APPEND and FAILSAFE_APPEND lines in /etc/sysconfig/bootloader.

By: Earl Ruby Tue, 16 Jun 2009 14:57:56 +0000 One step you need to add: People need to modify the /etc/sysconfig/bootloader configuration file and add the string “luks_root=/dev/sda2” to the end of both the DEFAULT_APPEND and FAILSAFE_APPEND lines, otherwise the next time the system updates the kernel it will not include this setting in /boot/grub/menu.lst file and the system fail to boot.

By: mapia Tue, 28 Apr 2009 22:06:28 +0000 I can confirm that this is the only necesary change. My problem arose because I added an additional grub item and I forgot to specify the initrd. Beginner error sorry.

By: mapia Tue, 28 Apr 2009 21:25:29 +0000 Sorry i think I expressed myself here a bit unprecise. I did not use the initial menu.lst instead I edited the newly created menu.lst file with the reference to the new kernel and added luks_root=/dev/sda3 (in my case) and luks=root. Still after the reboot I’m no more prompted for th eluks password

By: Ludwig Nussel Tue, 28 Apr 2009 13:34:36 +0000 You can’t use the old menu.lst as the file name of the kernel has changed. You just need to add the luks_root=/dev/sda2 parameter in the new file again.

By: Ludwig Nussel Tue, 28 Apr 2009 13:33:26 +0000 it’s a hack to trick mkinitrd into using luks (root_luks=1) for the device in the variable ‘luks_root’ (due to luks=root). See /lib/mkinitrd/scripts/

By: mapia Tue, 28 Apr 2009 11:52:46 +0000 Since the latest kernel update my system is not booting anymore even after restoring menu.lst. Is it possible that the order of loading necesary files changed?

By: mapia Tue, 28 Apr 2009 11:48:03 +0000 Hi,

can you explain a bit more in detail why
Create /etc/sysconfig/initrd with the following two lines:

is necesary and what it is doing. Is it just necesary for the making of the new initrd or also during the startup?

By: Ludwig Nussel Thu, 09 Apr 2009 09:19:49 +0000 Additional note for those trying it: Beware of kernel updates. The luks_root option seems to get lost so check your menu.lst before rebooting:

By: Andreas Stieger Tue, 31 Mar 2009 16:53:31 +0000 Works before leaving language/keyboard layout screen when you “modprobe dm-crypt” and “modprobe aes”. Doing it a screen later locked the disk device for some reason.