< Previous | Contents | Next >
If you created encrypted volumes during the installation and assigned them mount points, you will be asked to enter the passphrase for each of these volumes during the boot.
For partitions encrypted using dm-crypt you will be shown the following prompt during the boot:
Starting early crypto disks... part_crypt(starting) Enter LUKS passphrase:
In the first line of the prompt, part is the name of the underlying partition, e.g. sda2 or md0. You are now probably wondering for which volume you are actually entering the passphrase. Does it relate to your /home? Or to /var? Of course, if you have just one encrypted volume, this is easy and you can just enter the passphrase you used when setting up this volume. If you set up more than one encrypted volume during the installation, the notes you wrote down as the last step in Section 6.3.3.6 come in handy. If you did not make a note of the mapping between part_crypt and the mount points before, you can still find it in /etc/crypttab and /etc/fstab of your new system.
The prompt may look somewhat different when an encrypted root file system is mounted. This de- pends on which initramfs generator was used to generate the initrd used to boot the system. The example below is for an initrd generated using initramfs-tools:
Begin: Mounting root file system... ... Begin: Running /scripts/local-top ...
Enter LUKS passphrase:
No characters (even asterisks) will be shown while entering the passphrase. If you enter the wrong passphrase, you have two more tries to correct it. After the third try the boot process will skip this volume and continue to mount the next filesystem. Please see Section 7.2.1 for further information.
After entering all passphrases the boot should continue as usual.
7.2.1. Troubleshooting