I’m trying to make a fresh install of KDE and use my existing /home partition.
I followed the instructions in the first paragraph here:
https://help.ubuntu.com/community/Partitioning/Home/Moving
My previous installation used all encrypted partitions. I am using the same name and username and I’m 95% sure that I’m using the same computer name. Just like my previous installation I’m using the same password for the encryption and also enabling:
“Log in automatically without asking for the password.”
“Use the same password for the administrator account.”
In the graphical installation I’ve tried doing the manual partitioning.
OS drive
/dev/sde
Partition type: GPT
All new partitions
300 mib, fat32, /boot/efi mount point, boot flag
96556 mib, ext4 luks, / mount point, n/a flags, encryption enabled
17616 mib, ext4 luks, swap hidden flag, encryption enabled
Drive for the existing /home partition
/dev/sdb1
Existing partition
Edit /dev/sdb1
Change mount point from no mount point to /home
Content: keep
About midway through the installation I got an error message saying:
Error
Installation failed
Encrypted rootfs setup error
Could not configure LUKS key file on partition /dev/sdb1
In my second attempt I tried installing Manjaro without marking the old /home partition as the actual /home mount point.
Rebooted into the live Manjaro.
Followed the steps here:
Edited the fstab following the “Preparing fstab for the switch” paragraph from:
https://help.ubuntu.com/community/Partitioning/Home/Moving
Uncommented GRUB_ENABLE_CRYPTODISK=y from /etc/default/grub
Rebooted
[FAILED] Failed to mount /home.
[DEPEND] Dependency failed for Local File Systems.
Please enter passphrase for disk INTEL_SSDSC2CW120A3 (luks-a9c48091-5f0d-42fa-9235-0bb25ec7cd2c): (press TAB for no echo)
Looks like uncommenting GRUB_ENABLE_CRYPTODISK=y from /etc/default/grub did not prevent me from having to enter the passphrase twice.
All the information below was taken while chroot into the encrypted root partition.
/etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a device; this may
# be used with UUID= as a more robust way to name devices that works even if
# disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=944C-5EBD /boot/efi vfat umask=0077 0 2
/dev/mapper/luks-2215d7ec-d7e5-45bb-a804-b29d8ce3128a / ext4 defaults,noatime 0 1
tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0
UUID=b98b7c10-be38-4ad2-9386-db4c85e08436 /home ext4 defaults 0 2
lsblk
# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
loop0 7:0 0 20.9M 1 loop
loop1 7:1 0 565.6M 1 loop
loop2 7:2 0 1.7G 1 loop
loop3 7:3 0 596.1M 1 loop
sda 8:0 0 931.5G 0 disk
└─sda1 8:1 0 931.5G 0 part
sdb 8:16 0 465.8G 0 disk
└─sdb1 8:17 0 465.8G 0 part
sdc 8:32 0 119.2G 0 disk
└─sdc1 8:33 0 119.2G 0 part
sdd 8:48 0 111.8G 0 disk
├─sdd1 8:49 0 16M 0 part
└─sdd2 8:50 0 111.8G 0 part
sde 8:64 0 111.8G 0 disk
├─sde1 8:65 0 300M 0 part /boot/efi
├─sde2 8:66 0 94.3G 0 part
│ └─crypto_LUKS 254:0 0 94.3G 0 crypt /
└─sde3 8:67 0 17.2G 0 part
sdf 8:80 1 29.5G 0 disk
├─sdf1 8:81 1 2.9G 0 part
└─sdf2 8:82 1 4M 0 part
nvme0n1 259:0 0 953.9G 0 disk
└─nvme0n1p1 259:1 0 953.9G 0 part
/etc/crypttab
# /etc/crypttab: mappings for encrypted partitions.
#
# Each mapped device will be created in /dev/mapper, so your /etc/fstab
# should use the /dev/mapper/<name> paths for encrypted devices.
#
# See crypttab(5) for the supported syntax.
#
# NOTE: Do not list your root (/) partition here, it must be set up
# beforehand by the initramfs (/etc/mkinitcpio.conf). The same applies
# to encrypted swap, which should be set up with mkinitcpio-openswap
# for resume support.
#
# <name> <device> <password> <options>
luks-2215d7ec-d7e5-45bb-a804-b29d8ce3128a UUID=2215d7ec-d7e5-45bb-a804-b29d8ce3128a /crypto_keyfile.bin luks
luks-a9c48091-5f0d-42fa-9235-0bb25ec7cd2c UUID=a9c48091-5f0d-42fa-9235-0bb25ec7cd2c /crypto_keyfile.bin luks
/etc/default/grub
GRUB_DEFAULT=saved
GRUB_TIMEOUT=10
GRUB_TIMEOUT_STYLE=hidden
GRUB_DISTRIBUTOR="Manjaro"
GRUB_CMDLINE_LINUX_DEFAULT="quiet cryptdevice=UUID=2215d7ec-d7e5-45bb-a804-b29d8ce3128a:luks-2215d7ec-d7e5-45bb-a804-b29d8ce3128a root=/dev/mapper/luks-2215d7ec-d7e5-45bb-a804-b29d8ce3128a>
GRUB_CMDLINE_LINUX=""
# If you want to enable the save default function, uncomment the following
# line, and set GRUB_DEFAULT to saved.
GRUB_SAVEDEFAULT=true
# Preload both GPT and MBR modules so that they are not missed
GRUB_PRELOAD_MODULES="part_gpt part_msdos"
# Uncomment to enable booting from LUKS encrypted devices
GRUB_ENABLE_CRYPTODISK=y
# Uncomment to use basic console
GRUB_TERMINAL_INPUT=console
# Uncomment to disable graphical terminal
#GRUB_TERMINAL_OUTPUT=console
# The resolution used on graphical terminal
# note that you can use only modes which your graphic card supports via VBE
# you can see them in real GRUB with the command 'videoinfo'
GRUB_GFXMODE=auto
# Uncomment to allow the kernel use the same resolution used by grub
GRUB_GFXPAYLOAD_LINUX=keep
# Uncomment if you want GRUB to pass to the Linux kernel the old parameter
# format "root=/dev/xxx" instead of "root=/dev/disk/by-uuid/xxx"
#GRUB_DISABLE_LINUX_UUID=true
# Uncomment to disable generation of recovery mode menu entries
GRUB_DISABLE_RECOVERY=true
# Uncomment and set to the desired menu colors. Used by normal and wallpaper
# modes only. Entries specified as foreground/background.
GRUB_COLOR_NORMAL="light-gray/black"
GRUB_COLOR_HIGHLIGHT="green/black"
# Uncomment one of them for the gfx desired, a image background or a gfxtheme
#GRUB_BACKGROUND="/usr/share/grub/background.png"
GRUB_THEME="/usr/share/grub/themes/manjaro/theme.txt"
# Uncomment to get a beep at GRUB start
#GRUB_INIT_TUNE="480 440 1"
GRUB_ENABLE_CRYPTODISK=y
/etc/mkinitcpio.conf
# vim:set ft=sh
# MODULES
# The following modules are loaded before any boot hooks are
# run. Advanced users may wish to specify all system modules
# in this array. For instance:
# MODULES=(piix ide_disk reiserfs)
MODULES=""
# BINARIES
# This setting includes any additional binaries a given user may
# wish into the CPIO image. This is run last, so it may be used to
# override the actual binaries included by a given hook
# BINARIES are dependency parsed, so you may safely ignore libraries
BINARIES=()
# FILES
# This setting is similar to BINARIES above, however, files are added
# as-is and are not parsed in any way. This is useful for config files.
FILES="/crypto_keyfile.bin"
# HOOKS
# This is the most important setting in this file. The HOOKS control the
# modules and scripts added to the image, and what happens at boot time.
# Order is important, and it is recommended that you do not change the
# order in which HOOKS are added. Run 'mkinitcpio -H <hook name>' for
# help on a given hook.
# 'base' is _required_ unless you know precisely what you are doing.
# 'udev' is _required_ in order to automatically load modules
# 'filesystems' is _required_ unless you specify your fs modules in MODULES
# Examples:
## This setup specifies all modules in the MODULES setting above.
## No raid, lvm2, or encrypted root is needed.
# HOOKS=(base)
#
## This setup will autodetect all modules for your system and should
## work as a sane default
# HOOKS=(base udev autodetect block filesystems)
#
## This setup will generate a 'full' image which supports most systems.
## No autodetection is done.
# HOOKS=(base udev block filesystems)
#
## This setup assembles a pata mdadm array with an encrypted root FS.
## Note: See 'mkinitcpio -H mdadm' for more information on raid devices.
# HOOKS=(base udev block mdadm encrypt filesystems)
#
## This setup loads an lvm2 volume group on a usb device.
# HOOKS=(base udev block lvm2 filesystems)
#
## NOTE: If you have /usr on a separate partition, you MUST include the
# usr, fsck and shutdown hooks.
HOOKS="base udev autodetect modconf block keyboard keymap encrypt filesystems"
# COMPRESSION
# Use this to compress the initramfs image. By default, gzip compression
# is used. Use 'cat' to create an uncompressed image.
#COMPRESSION="gzip"
#COMPRESSION="bzip2"
#COMPRESSION="lzma"
#COMPRESSION="xz"
#COMPRESSION="lzop"
#COMPRESSION="lz4"
# COMPRESSION_OPTIONS
# Additional options for the compressor
#COMPRESSION_OPTIONS=()