Back to Dm-crypt.
When encrypting a system it is necessary to regenerate the initial ramdisk after properly configuring mkinitcpio. Depending on the particular scenarios, a subset of the following hooks will have to be enabled:
encrypt: always needed when encrypting the root partition, or a partition that needs to be mounted before root; it must come before the
filesystemshook; it is not needed in all the other cases, as system initialization scripts like
/etc/crypttabtake care of unencrypting any other partitions.
shutdown: highly recommended, ensures controlled unmounting during system shutdown.
keymap: provides support for foreign keymaps for typing encryption passwords; it must come before the
keyboard: needed to make USB keyboards work in early userspace.
usbinput: deprecated, but can be given a try in case
keyboarddoes not work.
Other hooks needed should be clear from other manual steps followed during the installation of the system.