I’m trying to make a fresh install of KDE and use my existing /home partition.
I followed the instructions in the first paragraph here:
My previous installation used all encrypted partitions. I am using the same name and username and I’m 95% sure that I’m using the same computer name. Just like my previous installation I’m using the same password for the encryption and also enabling:
“Log in automatically without asking for the password.”
“Use the same password for the administrator account.”
In the graphical installation I’ve tried doing the manual partitioning.
Partition type: GPT
All new partitions
300 mib, fat32, /boot/efi mount point, boot flag
96556 mib, ext4 luks, / mount point, n/a flags, encryption enabled
17616 mib, ext4 luks, swap hidden flag, encryption enabled
Drive for the existing /home partition
Change mount point from no mount point to /home
About midway through the installation I got an error message saying:
Error Installation failed Encrypted rootfs setup error Could not configure LUKS key file on partition /dev/sdb1
In my second attempt I tried installing Manjaro without marking the old /home partition as the actual /home mount point.
Rebooted into the live Manjaro.
Followed the steps here:
Edited the fstab following the “Preparing fstab for the switch” paragraph from:
Uncommented GRUB_ENABLE_CRYPTODISK=y from /etc/default/grub
[FAILED] Failed to mount /home. [DEPEND] Dependency failed for Local File Systems. Please enter passphrase for disk INTEL_SSDSC2CW120A3 (luks-a9c48091-5f0d-42fa-9235-0bb25ec7cd2c): (press TAB for no echo)
Looks like uncommenting GRUB_ENABLE_CRYPTODISK=y from /etc/default/grub did not prevent me from having to enter the passphrase twice.
All the information below was taken while chroot into the encrypted root partition.
# /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a device; this may # be used with UUID= as a more robust way to name devices that works even if # disks are added and removed. See fstab(5). # # <file system> <mount point> <type> <options> <dump> <pass> UUID=944C-5EBD /boot/efi vfat umask=0077 0 2 /dev/mapper/luks-2215d7ec-d7e5-45bb-a804-b29d8ce3128a / ext4 defaults,noatime 0 1 tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0 UUID=b98b7c10-be38-4ad2-9386-db4c85e08436 /home ext4 defaults 0 2
# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT loop0 7:0 0 20.9M 1 loop loop1 7:1 0 565.6M 1 loop loop2 7:2 0 1.7G 1 loop loop3 7:3 0 596.1M 1 loop sda 8:0 0 931.5G 0 disk └─sda1 8:1 0 931.5G 0 part sdb 8:16 0 465.8G 0 disk └─sdb1 8:17 0 465.8G 0 part sdc 8:32 0 119.2G 0 disk └─sdc1 8:33 0 119.2G 0 part sdd 8:48 0 111.8G 0 disk ├─sdd1 8:49 0 16M 0 part └─sdd2 8:50 0 111.8G 0 part sde 8:64 0 111.8G 0 disk ├─sde1 8:65 0 300M 0 part /boot/efi ├─sde2 8:66 0 94.3G 0 part │ └─crypto_LUKS 254:0 0 94.3G 0 crypt / └─sde3 8:67 0 17.2G 0 part sdf 8:80 1 29.5G 0 disk ├─sdf1 8:81 1 2.9G 0 part └─sdf2 8:82 1 4M 0 part nvme0n1 259:0 0 953.9G 0 disk └─nvme0n1p1 259:1 0 953.9G 0 part
# /etc/crypttab: mappings for encrypted partitions. # # Each mapped device will be created in /dev/mapper, so your /etc/fstab # should use the /dev/mapper/<name> paths for encrypted devices. # # See crypttab(5) for the supported syntax. # # NOTE: Do not list your root (/) partition here, it must be set up # beforehand by the initramfs (/etc/mkinitcpio.conf). The same applies # to encrypted swap, which should be set up with mkinitcpio-openswap # for resume support. # # <name> <device> <password> <options> luks-2215d7ec-d7e5-45bb-a804-b29d8ce3128a UUID=2215d7ec-d7e5-45bb-a804-b29d8ce3128a /crypto_keyfile.bin luks luks-a9c48091-5f0d-42fa-9235-0bb25ec7cd2c UUID=a9c48091-5f0d-42fa-9235-0bb25ec7cd2c /crypto_keyfile.bin luks
GRUB_DEFAULT=saved GRUB_TIMEOUT=10 GRUB_TIMEOUT_STYLE=hidden GRUB_DISTRIBUTOR="Manjaro" GRUB_CMDLINE_LINUX_DEFAULT="quiet cryptdevice=UUID=2215d7ec-d7e5-45bb-a804-b29d8ce3128a:luks-2215d7ec-d7e5-45bb-a804-b29d8ce3128a root=/dev/mapper/luks-2215d7ec-d7e5-45bb-a804-b29d8ce3128a> GRUB_CMDLINE_LINUX="" # If you want to enable the save default function, uncomment the following # line, and set GRUB_DEFAULT to saved. GRUB_SAVEDEFAULT=true # Preload both GPT and MBR modules so that they are not missed GRUB_PRELOAD_MODULES="part_gpt part_msdos" # Uncomment to enable booting from LUKS encrypted devices GRUB_ENABLE_CRYPTODISK=y # Uncomment to use basic console GRUB_TERMINAL_INPUT=console # Uncomment to disable graphical terminal #GRUB_TERMINAL_OUTPUT=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command 'videoinfo' GRUB_GFXMODE=auto # Uncomment to allow the kernel use the same resolution used by grub GRUB_GFXPAYLOAD_LINUX=keep # Uncomment if you want GRUB to pass to the Linux kernel the old parameter # format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx" #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries GRUB_DISABLE_RECOVERY=true # Uncomment and set to the desired menu colors. Used by normal and wallpaper # modes only. Entries specified as foreground/background. GRUB_COLOR_NORMAL="light-gray/black" GRUB_COLOR_HIGHLIGHT="green/black" # Uncomment one of them for the gfx desired, a image background or a gfxtheme #GRUB_BACKGROUND="/usr/share/grub/background.png" GRUB_THEME="/usr/share/grub/themes/manjaro/theme.txt" # Uncomment to get a beep at GRUB start #GRUB_INIT_TUNE="480 440 1" GRUB_ENABLE_CRYPTODISK=y
# vim:set ft=sh # MODULES # The following modules are loaded before any boot hooks are # run. Advanced users may wish to specify all system modules # in this array. For instance: # MODULES=(piix ide_disk reiserfs) MODULES="" # BINARIES # This setting includes any additional binaries a given user may # wish into the CPIO image. This is run last, so it may be used to # override the actual binaries included by a given hook # BINARIES are dependency parsed, so you may safely ignore libraries BINARIES=() # FILES # This setting is similar to BINARIES above, however, files are added # as-is and are not parsed in any way. This is useful for config files. FILES="/crypto_keyfile.bin" # HOOKS # This is the most important setting in this file. The HOOKS control the # modules and scripts added to the image, and what happens at boot time. # Order is important, and it is recommended that you do not change the # order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for # help on a given hook. # 'base' is _required_ unless you know precisely what you are doing. # 'udev' is _required_ in order to automatically load modules # 'filesystems' is _required_ unless you specify your fs modules in MODULES # Examples: ## This setup specifies all modules in the MODULES setting above. ## No raid, lvm2, or encrypted root is needed. # HOOKS=(base) # ## This setup will autodetect all modules for your system and should ## work as a sane default # HOOKS=(base udev autodetect block filesystems) # ## This setup will generate a 'full' image which supports most systems. ## No autodetection is done. # HOOKS=(base udev block filesystems) # ## This setup assembles a pata mdadm array with an encrypted root FS. ## Note: See 'mkinitcpio -H mdadm' for more information on raid devices. # HOOKS=(base udev block mdadm encrypt filesystems) # ## This setup loads an lvm2 volume group on a usb device. # HOOKS=(base udev block lvm2 filesystems) # ## NOTE: If you have /usr on a separate partition, you MUST include the # usr, fsck and shutdown hooks. HOOKS="base udev autodetect modconf block keyboard keymap encrypt filesystems" # COMPRESSION # Use this to compress the initramfs image. By default, gzip compression # is used. Use 'cat' to create an uncompressed image. #COMPRESSION="gzip" #COMPRESSION="bzip2" #COMPRESSION="lzma" #COMPRESSION="xz" #COMPRESSION="lzop" #COMPRESSION="lz4" # COMPRESSION_OPTIONS # Additional options for the compressor #COMPRESSION_OPTIONS=()