cryptsetup fails to open LUKS partition

Bug #433051 reported by Anton¡o Sch¡fano
This bug affects 7 people
Affects: cryptsetup (Ubuntu)
Status: Confirmed
Importance: Undecided
Assigned to: Unassigned
Milestone:

Bug Description

Binary package hint: cryptsetup

I have set up LUKS to have my encrypted home directory auto mounted when logging in.

After upgrading to Karmic, I noticed that from time to time my home dir would not get mounted. Recently, this has become very annoying: I have to try several times before cryptsetup succeeds in opening my home partition.
Below is a typical login session:

--------------------------------------------------
Ubuntu karmic (development branch) ciccetto tty1

ciccetto login: antonio
Password:
Last login: Sat Sep 19 14:51:42 CEST 2009 on tty2
Linux ciccetto 2.6.31-10-generic #34-Ubuntu SMP Wed Sep 16 00:23:19 UTC 2009 i686

To access official Ubuntu documentation, please visit:
http://help.ubuntu.com/

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

pam_mount(mount.c:67): Errors from underlying mount program:
pam_mount(mount.c:71): Command failed: No key available with this passphrase.
pam_mount(mount.c:71):
pam_mount(pam_mount.c:543): mount of /dev/sda7 failed
No directory, logging in with HOME=/
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

antonio@ciccetto:/$
---------------------------------------------------

If I log in as another user (with a non-encrypted home dir) and try to unlock the partition manually with cryptsetup, I have to try several times before eventually succeeding (in the example below, I succeeded at the 5th attempt):

---------------------------------------------------
root@ciccetto:~# cryptsetup luksOpen /dev/sda7 _dev_sda7
Enter LUKS passphrase:
Enter LUKS passphrase:
Enter LUKS passphrase:
Command failed: No key available with this passphrase.

root@ciccetto:~# cryptsetup luksOpen /dev/sda7 _dev_sda7
Enter LUKS passphrase:
Enter LUKS passphrase:
key slot 0 unlocked.
Command successful.
root@ciccetto:~#
---------------------------------------------------

ProblemType: Bug
Architecture: i386
Date: Sat Sep 19 15:03:37 2009
DistroRelease: Ubuntu 9.10
Package: cryptsetup 2:1.0.6+20090405.svn49-1ubuntu4
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.31-10.34-generic
SourcePackage: cryptsetup
Tags: ubuntu-unr
Uname: Linux 2.6.31-10-generic i686

Anton¡o Sch¡fano (skiantoz) wrote :
description: updated
parke (parke-bostrom) wrote :

I have encountered this same bug after installing Ubuntu 9.10 beta desktop on my Asus EEE (i386).

I used the alternate installer, and encrypted the root partition. Thus far, the root partition has always mounted successfully at boot. However, when I try to "cryptsetup luksOpen" my SD card, it does not accept the password.

Perhaps this is just a problem with LUKS encrypted disks that were created with previous versions of Ubuntu? (Of course, that is still a serious issue as LUKS should be forward compatible.)

Eventually, "cryptsetup luksOpen" (run as root from the command line) will succeed. It seems that if I log in to Gnome (instead of on the console), and then insert the SD card, Gnome detects the LUKS SD card, and asks me for a password. Gnome then fails to mount it, but(!) the next time I try to mount the SD card in the console as root, I succeed. However, I have only used this workaround twice, so maybe something else is going on.

If I discover any more information, I will post it here.

pinus (pinus) wrote :

I did a fresh install and get the same error.

parke (parke-bostrom) wrote :

After the release of 9.10, I did an 'apt-get update ; apt-get upgrade ; apt-get dist-upgrade'.

Since upgrading, I have not encountered the problem. However, I reboot rarely, so I cannot say with certainty that the problem is solved.

If I encounter the problem again, I will post additional comments.

Interestingly, after the upgrade, cryptsetup did appear to fail to mount the encrypted root partition at least once during the initial boot process. However, I think this only happened once.

Gerald Quimpo (bopolissimus) wrote :

I can confirm.

I did the dist-upgrade via the update-manager.

The first time the boot process asks for my LUKS passphrase the drive light is still going. If I type in the passphrase immediately it will always fail. This is with both the USB wireless keyboard as well as with the laptop's built-in keyboard.

If I wait for the drive light to stop lighting up, usually it will still fail.

Usually, if I wait many minutes (5-10, not measured rigorously since I only boot up once a day and it's not such a big deal) LUKS will finally succeed. If I forget to wait many minutes, then it'll fail a third time and I need to reboot and try again.

pinus (pinus) wrote :

I did a fresh install and configured a crypted user home (/home/user) that is opened at login using pam.
I have the following errors in my auth.log.

pam_mount(mount.c:67): Errors from underlying mount program:
pam_mount(mount.c:71): Command successful.

The underlying program seems to be cryptsetup. I made three big red crosses on my calendar because I did a fresh install on another harddisk. I wonder if I will ever get an update without regression.

komputes (komputes)
Changed in cryptsetup (Ubuntu):
status: New → Confirmed
Greg Odero-Jowi (ojgreg) wrote :

I had the same problem but I was able to boot and unlock the LUKS partitions after rolling back to kernel 2.6.28-16-generic. None of the kernel packages released after 2.6.28-16-generic have allowed me to complete booting; the system gets stuck trying to unlock the 3 LUKS partitions on my system.

jhansonxi (jhansonxi) wrote :

I'm encountering a similar problem with pam_mount and decrypting a user home directory on login with Ubuntu 10.04 (Lucid Lynx). I originally had static keys set in crypttab and auto-mounted home in fstab but that started failing 100% a few weeks ago. I switched to pam_mount but have the same issues. I can mount it manually every time with:

mount.crypt -v -o keyfile="/etc/keys/dm-crypt/user_crypt.key",fsk_cipher="aes-256-ecb",fsk_hash="md5" /dev/sda7 /home/user

or by just using mount directly.

Dave Vree (hdave) wrote :

I am using 9.04 and had this exact problem appear sometime in the past 2 weeks (not 100% sure when). I was able to use mount.crypt (thanks jhansonxi) to mount the drive. cryptsetup fails 100% of the time with 10 different hard drives. I think it goes without saying that for those of us who make use of luks encryption, not being able to access a hard drive is a really serious problem. Attached is an strace I made during a failed mount attempt.

diZzyCoDeR (nospam-compudude) wrote :

I can confirm the same behaviour in 10.04. Here is the error I get (and I will post my configs in the next post):

pam_mount(mount.c:64): Errors from underlying mount program:
pam_mount(mount.c:68): mount.crypt: stat /dev/mapper/home_crypt: No such file or directory
pam_mount(pam_mount.c:492): mount of /dev/mapper/home_crypt failed
No directory, logging in with HOME=/

diZzyCoDeR (nospam-compudude) wrote :

and my relevant config files:

...crypttab...
home_crypt /dev/sdf1 noauto luks

...pam_mount.conf.xml...
<pam_mount>

  <!-- debug should come before everything else,
  since this file is still processed in a single pass
  from top-to-bottom -->

<debug enable="0" />

  <!-- Volume definitions -->
<volume user="dude" fstype="crypt" path="/dev/mapper/home_crypt" mountpoint="/home" />

  <!-- pam_mount parameters: General tunables -->
...
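
An added example, not part of the original thread or of any project's code: a small check over the two fragments quoted above that flags an option word sitting in crypttab's third (key file) field and a pam_mount crypt volume whose path is a /dev/mapper node. The sample strings and the finding names are constructed, and the thread does not establish that either finding causes the reported failure.

```python
import xml.etree.ElementTree as ET

# Constructed inputs, modelled on the two fragments quoted in the comment above
# (the truncated pam_mount.conf.xml is closed here so that it parses).
CRYPTTAB = "home_crypt /dev/sdf1 noauto luks\n"
PAM_MOUNT = """<pam_mount>
<debug enable="0" />
<volume user="dude" fstype="crypt" path="/dev/mapper/home_crypt" mountpoint="/home" />
</pam_mount>"""

# Words that crypttab(5) defines as options; in field 3 they are read as a key file name.
OPTION_WORDS = {"noauto", "noearly", "luks", "swap", "tmp", "readonly"}


def parse_crypttab(text):
    """Map target -> (source, keyfile, options) using the crypttab(5) field order."""
    entries = {}
    for raw in text.splitlines():
        fields = raw.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue
        keyfile = fields[2] if len(fields) > 2 else "none"
        options = fields[3].split(",") if len(fields) > 3 else []
        entries[fields[0]] = (fields[1], keyfile, options)
    return entries


def lint(crypttab_text, pam_mount_xml):
    """Return (finding, subject, detail) tuples; an empty list means nothing was flagged."""
    findings = []
    entries = parse_crypttab(crypttab_text)
    for target, (_source, keyfile, _options) in entries.items():
        if keyfile in OPTION_WORDS:
            findings.append(("option-in-keyfile-field", target, keyfile))
    for vol in ET.fromstring(pam_mount_xml).iter("volume"):
        path = vol.get("path", "")
        if vol.get("fstype") != "crypt" or not path.startswith("/dev/mapper/"):
            continue
        # The mapper node exists only once the container is open, so report the
        # block device that crypttab associates with this mapping name, if any.
        entry = entries.get(path[len("/dev/mapper/"):])
        findings.append(("volume-path-is-mapper-node", path, entry[0] if entry else None))
    return findings


if __name__ == "__main__":
    for finding in lint(CRYPTTAB, PAM_MOUNT):
        print(*finding)
```
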

epv (epvubuntu) wrote :

This problem is currently happening to me as well with kernel 2.6.28-19-server, as well as -18, -17, and -16.

The machine rebooted and on boot, the initramfs was unable to unlock the LUKS partitions. In this case the partition is an md mirror. cryptsetup luksOpen does not work on either the mirror or the component partitions.

Following someone else's observations earlier in the bug report I tried repeating the luksOpen a few dozen times, but it didn't ever succeed. I am sad.
