Return to Revisions

4 of 8

added 29 characters in body

edited Aug 19 at 23:37

How to configure grub to boot from encrypted lvm partition [SOLVED]

after entering passphrase GRUB fails to open partition

invalid passphrase 
no such cryptodisk found
disk ‘lvmid/..............’ not found
/etc/default/grub

/etc/default/grub
GRUB_CMDLINE_LINUX=”cryptdevice=/dev/sda5:devuan-root:allow-discard”
GRUB_ENABLE_CRYPTODISK=yes

Boot from CD

cryptsetup luksOpen /dev/sda5 somename
mount --bind /dev /mnt/dev
mount --bind /proc /mnt/proc
mount --bind /sys /mnt/sys
chroot /mnt/
grub-install --target=i386-pc /dev/sda

-------------[SOLUTION]

GRUB 2.12 doesn't support decrypting an ARGON2ID keyslot; it will immediately say invalid passphrase, when usually GRUB takes some time to decrypt (due to SSE registers being disabled in GRUB). Convert it to PBKDF2 format:

cryptsetup luksConvertKey --pbkdf pbkdf2 <device>

link

asked Aug 19 at 23:06

normal_max