Unable to boot from encrypted partition after fresh install of 16.04
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| ubiquity (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
Let me start by excusing myself, if some of the technical terms used are wrong. Although I do see myself as quite tech savvy, this is pretty far away from my usual territory.
I've been running with a partition layout like this for a while:
* An extended partition with 3 logical partitions in it:
* A small, unencrypted partition for /boot
* Another, encrypted partition for /
* And the last partition, encrypted for /home
I initially based this layout more or less on the way the Ubuntu installer does it if I just let it do it for me, except that I have /home on a separate partition.
With the release of Xenial Xerus, I decided to do a clean installation. I also decided to wipe the existing partitions and recreate the same setup, but with different partition sizes. And so I did, by choosing the "Something else" option on the "Installation type" step in the installer. Installation went fine and all.
But upon boot, the splash screen stayed there for a long time. Where I would expect the passphrase prompt for the disk encryption key to appear, nothing happened. After some time, I was dropped to busybox with an `(initramfs)` prompt.
Since then, I've spend a whole day trying to find a fix. And I think I succeeded. But it seems like the installer is missing something. So let me try to explain what I did to make this work, hoping that it gives someone capable of fixing the installer a clue about what's wrong with it.
Several people on the internet suggested that I ran `cryptsetup` from `initramfs` prompt. But that command wasn't available. After doing more research on the interwebz, I managed to fix this by doing 3 things after mounting and chrooting the encrypted root partition from the Live USB:
1) I read somewhere that `cryptsetup` would only be part of `initramfs` if `crypttab` was present. I followed a suggestion to manually edit the file `/etc/crypttab`, which was missing(!), and entered the proper settings for my 2 encrypted partitions. This of course had to match with what the decrypted partitions were called in `/etc/fstab`.
2) Then I followed another suggestion to add the following modules to `/etc/initramfs
aes-x86_64
sha512-ssse3
xts
dm-mod
dm-crypt
I have no idea whether this had any actual influence on the success, but -- from the names of the modules -- it sounds plausible that I needed at least some of those.
3) Finally, I ran `update-initramfs` with some arguments along the lines of `-uck all` (which seemed to form some quite appropriate words after hours of searching for answers without any luck at all).
After a reboot, I was finally prompted to enter the disk passphrase and eventually got to the login greeter. Phew!
Along the way, I also did several other things, but I tried to remember to always revert those changes if they did not work. Other things _might_ have been changed manually, though, for this to work, but I believe that it was the things mentioned above that did the trick.
| Ubuntu Foundations Team Bug Bot (crichton) wrote | #1 |
| tags: | added: bot-comment |
| affects: | ubuntu → ubiquity |
| affects: | ubiquity → ubiquity (Ubuntu) |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in ubiquity (Ubuntu): | |
| status: | New → Confirmed |
Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https:/
To change the source package that this bug is filed about visit https:/
[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]