Anyone ever have cryptsetup just start hanging after entering password on boot? This seems like it’s going to be a fun issue to try to resolve…
- lemmyreader ( @lemmyreader@lemmy.ml ) English3•5 months ago
Boot with previous kernel ? If fail, boot from Linux live, connect, mount, make backups, and try to fix.
Oddly, after a few tries I managed to get past. I religiously back things up, and just last night pushed all my current dots.
I’m gonna run some drive diagnostics. If everything looks good, I’ll just repartition and take this as a sign to only use encryption on secondary drives where I backup sensitive info.
- haui ( @haui_lemmy@lemmy.giftedmc.com ) 2•5 months ago
I really need to get into pushing dot files. Every time I think „its not going to be that much“. Then I install a new system and like 20 apps, then I fiddle here and there. After a couple weeks I def rack up one or more hours of config.
My protip is to use symlinks, and then just keep all your dots in a project folder. Makes it super easy to keep iterating on them in realtime, and pushing changes.
- haui ( @haui_lemmy@lemmy.giftedmc.com ) 2•5 months ago
Thats neat! Thanks for the suggestion. I‘ll try that. Currently am experimenting on libraries with my coding stuff.
- krolden ( @krolden@lemmy.ml ) 1•5 months ago
How could you boot a different kernel if you can’t unlock the drive?
- Violet_McQuasional ( @Violet_McQuasional@feddit.uk ) 1•5 months ago
Isn’t it quite common to have /boot on an unencrypted partition?
- krolden ( @krolden@lemmy.ml ) 1•5 months ago
Oh yeah duh
- krolden ( @krolden@lemmy.ml ) 2•5 months ago
How long do you wait before you declare it hung?
Sometimes decryption takes up to a minute depending on your system specs and optimizations.
I suggest booting from a live disc and trying to unlock it from there.
10m is when I throw my hands up. Normally it takes under 20s.
- The Doctor ( @drwho@beehaw.org ) English4•5 months ago
That’s more than a reasonable period of time to wait.
Can you run a SMART check on the drive from a liveCD? memtest86?
An extended test using
nvme-cli
showed zero errors. I’ll try memtest later today.
- krolden ( @krolden@lemmy.ml ) 2•5 months ago
Paste the output of
cryptsetup benchmark
# Tests are approximate using memory only (no storage IO). PBKDF2-sha1 2957901 iterations per second for 256-bit key PBKDF2-sha256 4946113 iterations per second for 256-bit key PBKDF2-sha512 1945410 iterations per second for 256-bit key PBKDF2-ripemd160 1123875 iterations per second for 256-bit key PBKDF2-whirlpool 773286 iterations per second for 256-bit key argon2i 8 iterations, 1048576 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time) argon2id 8 iterations, 1048576 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time) # Algorithm | Key | Encryption | Decryption aes-cbc 128b 1794.0 MiB/s 6427.8 MiB/s serpent-cbc 128b 107.4 MiB/s 765.7 MiB/s twofish-cbc 128b 275.7 MiB/s 498.2 MiB/s aes-cbc 256b 1392.5 MiB/s 5266.3 MiB/s serpent-cbc 256b 114.8 MiB/s 798.4 MiB/s twofish-cbc 256b 284.6 MiB/s 498.7 MiB/s aes-xts 256b 5290.1 MiB/s 5322.6 MiB/s serpent-xts 256b 697.6 MiB/s 635.9 MiB/s twofish-xts 256b 403.4 MiB/s 413.4 MiB/s aes-xts 512b 4070.4 MiB/s 4048.9 MiB/s serpent-xts 512b 664.6 MiB/s 642.0 MiB/s twofish-xts 512b 417.6 MiB/s 421.7 MiB/s
- krolden ( @krolden@lemmy.ml ) 1•5 months ago
how about
systemd-analyze
andcryptsetup luksDump | grep Slot
I’m not using systemd. Grepping on
Slot
doesn’t return any results.LUKS header information Version: 2 Epoch: 3 Metadata area: 16384 [bytes] Keyslots area: 16744448 [bytes] UUID: Label: (no label) Subsystem: (no subsystem) Flags: (no flags) Data segments: 0: crypt offset: 16777216 [bytes] length: (whole device) cipher: aes-xts-plain64 sector: 512 [bytes] Keyslots: 0: luks2 Key: 512 bits Priority: normal Cipher: aes-xts-plain64 Cipher key: 512 bits PBKDF: argon2id Time cost: 8 Memory: 1048576 Threads: 4 Salt: AF stripes: 4000 AF hash: sha512 Area offset:32768 [bytes] Area length:258048 [bytes] Digest ID: 0
- Sayantan Mandal ( @ironclad_chomskyan@mastodon.social ) 2•5 months ago
- michael_palmer ( @michael_palmer@lemmy.sdf.org ) 1•5 months ago
Today it happened for the first time for me. I use arch btw.