Why my encrypted LVM volume (LUKS device) won't mount at boot time?

You have to pay attention to UUIDs . For instance, this is my configuration:

# lsblk -o name,uuid,mountpoint
├─sda2                         727fa348-8804-4773-ae3d-f3e176d12dac
│ └─sda2_crypt (dm-0)          P1kvJI-5iqv-s9gJ-8V2H-2EEO-q4aK-sx4aDi
│   ├─debian_crypt-swap (dm-1) 3f9f24d7-86d1-4e21-93e9-f3c181d05cf0   [SWAP]
│   ├─debian_crypt-tmp (dm-2)  93fc8219-f985-45fb-bd5c-2c7940a7512d   /tmp
│   ├─debian_crypt-home (dm-3) 12e8566c-8f0f-45ec-8524-6d9d9ee91eae   /home
│   └─debian_crypt-root (dm-4) 9685570b-4c9e-43ea-815e-49d10dc7a1bf   /

I have one encrypted partition (sda2) with 4 volumes (LVM). What I need is to set two UUIDs in the right files. The sda2 UUID goes to /etc/crypttab and the volume UUID (for example debian_crypt-root) goes to /etc/fstab .

So, it would be:

# cat /etc/crypttab
sda2_crypt              UUID=727fa348-8804-4773-ae3d-f3e176d12dac   none        luks

# cat /etc/fstab
UUID=9685570b-4c9e-43ea-815e-49d10dc7a1bf       /               ext4    defaults,errors=remount-ro              0 1

After changing the /etc/crypttab file, you have to rebuild initramfs:

# update-initramfs -u -k all

NOTE

The package cryptsetup has to be installed because it has startup scripts which provide support for automounting encrypted volumes at boot.

Why bother to mention this? Well, if you setup LVM during the installation Debian Wheezy installs packages cryptsetup-bin, libcryptsetup4 and lvm2 but not cryptsetup, thus you have the tools to setup LVM & LUKS devices but not the scripts necessary to mount LUKS devices at boot time. Those come in the package cryptsetup.

Tags:

Lvm

Cryptsetup