crypto disk passphrase can't be entered

Bug #464292 reported by Christian Mertes
This bug report is a duplicate of: Bug #454898: cryptsetup starts too early.
This bug affects 4 people
Affects: cryptsetup (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

Binary package hint: mountall

I upgraded from Jaunty to Karmic yesterday which made my system unbootable. I have an encrypted swap and home partition. The swap mounts just fine as an early crypto disk. For the home I get a passphrase prompt but when typing it in and pressing enter nothing happens. When I press enter a second time I get a "bad passphrase" message and a new prompt. Each time I type anything before pressing enter, the enter key just seems to be ignored, no matter how many times I try. Pressing enter without typing before works but of course to little use. I do get into the emergency shell but I can't type there either. The only thing that seems to work there is Ctrl-C. I'll attach a screen shot of how it looks.

I use the non-graphic boot because Jaunty used to show my passphrase in clear text when I didn't. I'd try the graphical boot if anyone could tell me how to reactivate it in Karmic.

I noticed there are many similar bugs like this one but not for the final AFAICS.

Christian Mertes (cmertes) wrote :

Commenting out the /home entries in /etc/fstab and /etc/crypttab with a Live CD and manually mounting on the command line just before login is a workaround.

Pedro Soria-Rodriguez (pedrosoriarodriguez) wrote :

Christian, how did you get it to even ask you for the password to the encrypted filesystem?

In my system (fresh 9.10 install), the graphical boot screen just says "Waiting for /dev/mapper/cryptohome", but there's no way to enter the password.

My /etc/fstab contains:
/dev/mapper/cryptohome /home ext3 relatime,errors=remount-ro,bootwait 0 2

My /etc/crypttab contains:
cryptohome /dev/sda4 noauto luks

If I press "ESC", I get a console, but it only allows me to enter the root password to get a shell.... but, of course, by default there is no root login allowed, so that's no help.

So, I have to reboot with the LiveCD, comment out the /dev/mapper/cryptohome entry in fstab, and.... here I am, looking for a solution.

Christian Mertes (cmertes) wrote :

My fstab entry says
/dev/mapper/home /home ext3 defaults,noatime,errors=remount-ro 0 1
and my crypttab
home /dev/sda6 none luks,retry=1,cypher=aes-cbc-essiv:sha256

I don't know what your bootwait option does, have you tried it without? Not that I can say that your behaviour is better than mine. If you'd allow root login you'd at least get a shell where you can type ;)
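
An added example, not part of the bug thread or of cryptsetup: a small Python check that reads crypttab and fstab text and reports, per mapping, whether the key comes from an interactive passphrase prompt, a key file or a random source, using the positional layout from crypttab(5) (target, source device, key file, options). The sample input reuses the two /home entries quoted above plus a constructed random-key swap line; `cryptswap` and `/dev/sda5` are assumptions, and the path check on the key field is a heuristic.

```python
# Constructed sample input: the two /home entries quoted in this thread plus
# a made-up random-key swap line (cryptswap and /dev/sda5 are assumptions).
CRYPTTAB = """\
cryptohome /dev/sda4 noauto luks
home /dev/sda6 none luks,retry=1,cypher=aes-cbc-essiv:sha256
cryptswap /dev/sda5 /dev/urandom swap
"""
FSTAB = """\
/dev/mapper/cryptohome /home ext3 relatime,errors=remount-ro,bootwait 0 2
/dev/mapper/home /home ext3 defaults,noatime,errors=remount-ro 0 1
"""
RANDOM_SOURCES = {"/dev/urandom", "/dev/random"}


def fields(text):
    """Yield the whitespace-split fields of each non-blank, non-comment line."""
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line.split()


def classify(crypttab, fstab):
    """Return {target: (key_source, mount_point_or_None, notes)}."""
    # Map each fstab device to its mount point so mappings can be matched.
    mounts = {f[0]: f[1] for f in fields(fstab) if len(f) >= 2}
    report = {}
    for f in fields(crypttab):
        if len(f) < 3:
            continue  # need at least target, source device and key field
        target, key = f[0], f[2]
        opts = f[3].split(",") if len(f) > 3 else []
        notes = []
        if key == "none":
            source = "passphrase prompt"  # asked for interactively at boot
        elif key in RANDOM_SOURCES:
            source = "random key"  # fresh key every boot, nothing to type
        else:
            source = "key file"
            if not key.startswith("/"):
                notes.append(f"key field {key!r} is not an absolute path")
        if "noauto" in opts:
            notes.append("noauto option set")
        report[target] = (source, mounts.get("/dev/mapper/" + target), notes)
    return report


if __name__ == "__main__":
    for name, (source, mount, notes) in classify(CRYPTTAB, FSTAB).items():
        print(f"{name}: {source}, mount={mount}, notes={notes}")
```

Only mappings reported as "passphrase prompt" depend on a usable console during boot, which is the condition this bug breaks.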

carloslp (carloslp) wrote :

Hello

I am having the same error.

Upgrade from Jaunty to Karmic and now I can't type the password for mounting /home. The system asks for it but I can't enter it.

I must press esc to get a root shell and mount manually

/etc/init.d/cryptdisks start
mount /home
exit

and then the system continues booting...

I am wondering how to fix this issue. Any idea?

Luke (lukekuhn) wrote :

This works on my systems. They have /home and swap as partitions on a LVM volume, in turn on a LUKS partition, and the key is this: You must (whether you ever hibernate or not) specify RESUME=UUID=(UUID of swap partition), then update-initramfs -u. Now, the passphrase is called in the initramfs, NOT echoed to a console under the splash screen, works fine splash or no.

To work without a resume image specified is possible but very buggy, and your problems do not surprise me. What happens is this: Cryptsetup is called by /etc/init/cryptdisks-enable.conf if you are using the current (karmic) build of cryptsetup. Cryptsetup now calls for the passphrase - but it is not the only program running! Always after the first call another program will echo text to the console, making passphrase entry impossible. The second try, however, generally works in my tests (your results may differ!) as other programs are now waiting instead of echoing their own messages. Same with or without splash - except, of course, for the echo-to-console under the splash screen bug, which is still there.

With LVM, one passphrase call handles the entire volume group, and is called in the initramfs, same as before. Without this arrangement, encryption becomes a real bugfest as of now. Cryptsetup in init needs to have a console to itself (all other outputs suppressed) - or else be modified to call everything in /etc/crypttab during the initramfs, whether needed for a resume image or not. It has not really been ported very well to upstart, it seems.

Christian Mertes (cmertes) wrote :

Thanks for the hint, Luke. Unfortunately, I don't have an LVM volume for swap and home but rather two separate LUKS partitions. Your solution sounds better in any case, as it annoys the hell out of me to enter the same passphrase twice. Why didn't the Jaunty installer propose this solution to me instead of the other? Anyway, is there still a way to mount /home as a so called "early crypto disk"? Or can I tell upstart not to run anything in parallel to mountall.sh or cryptsetup or whatever?

affects: mountall (Ubuntu) → cryptsetup (Ubuntu)
carloslp (carloslp) wrote :

Luke, your solution works. I have edited /etc/initramfs-tools/conf.d/resume and put the line
RESUME=/dev/mapper/my-home-encrypted
and then update-initramfs -u and now everything works ok.

But I think that this is not the correct solution because resume partition must be swap (I think) not home. And if I put swap it will not ask for the key because my swap partition is random encrypted.
