boot hangs with more than 1 luks device in crypttab

Status changed to 'Confirmed' because the bug affects multiple users.

I also ran into this problem. In my case, I created the second encrypted partition after installing Ubuntu: (1) used fdisk to make partition, (2) run cryptsetup to create LUKS header, (3) edit crypttab to map the partition, (4) reboot.

In my particular case, I was able to work around the issue by specifying "initramfs" on all partitions as an option in crypttab. However this is an annoyance for partitions that are not critical for booting.

Are there any other workarounds for this? adding 'initramfs' doesn't work for me as the initramfs detects it can proceed with a partially-assembled lvm volume group, only starts encryption for one pv, never asks for the other password, and the system scripts later hang the system because they cannot ask for a password

Hi Kevin,

I was doing some more reading and I think this bug actually duplicates this other bug, and a fix is supposedly in place for Xenial. I haven't tried it yet. https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/1432265/comments/11

I tried Xenial. Yes it does fix the simplified test case in this bug (when booting doesn't require the second encrypted volume to be open), but it doesn't fix my real issue, which is encrypting multiple devices and putting btrfs on top of it. Adding initramfs doesn't help.

So whenever you try booting from multiple encrypted devices it will fail.

I've only one encrypted device, but since upgrade to Ubuntu 16.04 Xenial my machine fails to mount it and stops booting. After entering the password for the device, the system just displays: "After login in, type "journalctl -xb" to view system logs". Booting can be resumed by hitting enter and then manually mounting the encrypted device. I do not use Luks but a simple combination of /etc/crypttab and /etc/fstab.

By the way, just did apt-get dist-upgrade and the following warning appeared:

cryptsetup: WARNING: failed to detect canonical device of /dev/sda2
cryptsetup: WARNING: could not determine root device from /etc/fstab

/dev/sda2 is my unencrypted root device.

I am using 14.04 with / and /home (both logical volumes) crypted and USB sticks holding my key files. In this configuration, the system boots.
I intend to move to Xenial and installed it on other lv's with the same type of configuration. Boot hangs, and gets to the situation Karl Kastner wrote about. It turns out that the journal lists timeout for both lv's
root :
Timed out waiting for device dev-disk-by\x2duuid-4146dfad\x2d26f0\x2d4aec\x2d99c3\x2d8ab00c3e4297:-lkf-victor-odos:1.device.
and home :
Timed out waiting for device dev-disk-by\x2duuid-4146dfad\x2d26f0\x2d4aec\x2d99c3\x2d8ab00c3e4297:-lkf-victor-oikia:1.device.
The listed device is my usb stick.

No way moving to Xenial if no solution to this problem.

In 18.04.1 Server, I was able to freshly install with two luks encrypted devices which I already added during the partitioning step.

Later on, I changed the generated /dev/mapper/... names in /etc/crypttab and /etc/fstab and continued with a

dmsetup rename OLD_NAME1 NEW_NAME1 #avoids errors in later commands
dmsetup rename OLD_NAME2 NEW_NAME2 #avoids errors in later commands
update-initramfs -c -t -k all
update-grub
reboot

Both update-* commands ran without issues.

The result was that I get asked for one of the two passwords and then it gets into some lvm loop and fails booting.