problems mounting encrypted drive on reboot

Jerry Lowry <jlowry@xxxxxxx> · Wed, 20 Sep 2017 15:38:20 -0700



    Hi,
    I have created an encrypted drive using the following commands:
    #>cryptsetup --verify=passphrase -- hash=sha256
      --keyfile=/dir/file create /dev/mapper/testcui /dev/sdb
    #>mkfs.ext4 /dev/mapper/testcui
    I did this all at single user level.  running centos 7 on a VM.
    this all work well until I reboot the system and then it fails to
      mount the device and drops down it to emergency mode.  This is the
      journalctl output I get. ( yeah I know about the acls on the key
      file )  device name  "testcui"
    Sep 20 14:19:53 jubilee systemd[1]: Starting Cryptography Setup
      for /dev/mapper/testcui...

      -- Subject: Unit systemd-cryptsetup@-dev-mapper-testcui.service
      has begun start-up

      -- Defined-By: systemd

      -- Support:
      http://lists.freedesktop.org/mailman/listinfo/systemd-devel

      -- 

      -- Unit systemd-cryptsetup@-dev-mapper-testcui.service has begun
      starting up.

      Sep 20 14:19:53 jubilee systemd-cryptsetup[501]: Key file
      /etc/keys is world-readable. This is not a good idea!

      Sep 20 14:19:53 jubilee systemd-cryptsetup[501]: Set cipher aes,
      mode cbc-essiv:sha256, key size 256 bits for device /dev/sdb.

      Sep 20 14:19:53 jubilee systemd-cryptsetup[501]: Failed to
        activate with key file '/etc/keys': Invalid argument

      Sep 20 14:19:53 jubilee systemd[1]: Started Forward Password
      Requests to Plymouth.

    
    What is the invalid argument that it is complaining about?
    Once in emergency mode I can :
    #>cryptsetup create testcui /dev/sdb
    ( passcode)
    And it continues just fine.

    
    -- crypttab --
    # test disk

      #

      /dev/mapper/testcui  /dev/sdb /etc/keys plain

    
    --fstab--
    #

      # /etc/fstab

      # Created by anaconda on Tue Dec 15 12:05:51 2015

      #

      # Accessible filesystems, by reference, are maintained under
      '/dev/disk'

      # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for
      more info

      #

      UUID=c4cc85f2-9dbb-4bf8-8b3e-edaa5af3dae9 /                      
      xfs     defaults        1 1

      UUID=2f178edb-b16e-4ea1-85c3-d8243b07a75b /boot                  
      xfs     defaults        1 2

      UUID=a34fac21-a385-494a-a6cc-cae22b87c8c9 swap                   
      swap    defaults        0 0

      /dev/mapper/testcui    /cui        ext4    defaults    1 2

      
    jerry

    
    -- 

      
      ---------------------------------------------------------------------------

            Jerold
            Lowry

            Principal Network/Systems Engineer

            Engineering Design Team
            (EDT), Inc. a HEICO company

            3423 NW John Olsen Pl
            

            Hillsboro, Oregon 97124 (U.S.A.)

            Phone: 503-690-1234 /
            800-435-4320

            Fax: 503-690-1243

            Web: www.edt.com

          
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt