Anyone know what to do about the "Please enter passphrase for disk myswap (swap)!" and "systemd-ask-password" msgs diplaying at bootup? Occurs with the Without suspend-to-disk mode. Voukait (talk) 07:32, 8 May 2016 (UTC)
- Which hooks do you use in mkinitcpio for the encryption? Any kernel parameter for "resume=" that might trigger it? --Indigo (talk) 09:32, 8 May 2016 (UTC)
- Ive been investigating this further and it appears that it is this issue. https://bbs.archlinux.org/viewtopic.php?id=176927 Which looks like the problem is caused by formating the partition as swap, and then the runtime encryption fails because it detects it as a swap drive. As soon as I can change the partition type, I will confirm.
Adding my 2cents here: I was having the same problem due to a mistake I made when following the steps. It seems that I had used the wrong cipher (i.e. I mixed two different techniques: with kernel naming and with label, because I did it all in order before encountering the warning about the potential changes of names and decided to adapt to it.) To correct it, I had to replace : safeSwap LABEL=cryptswap /dev/urandom swap,offset=2048,cipher=aes-cbc-essiv:sha256,size=512 #WRONG CIPHER METHOD with: safeSwap LABEL=cryptswap /dev/urandom swap,offset=2048,cipher=aes-xts-plain64,size=512 #WORKS LIKE A CHARM I therefore suggest emphasizing the fact that the chosen cipher type is important to save other people's time. I was maybe not the only one to fall for it, if I can refer to this thread: https://bbs.archlinux.org/viewtopic.php?id=193566 Bruno- (talk) 19:35, 5 September 2020 (UTC)
Dm-crypt/Swap + systemd-networkd = system not booting
I encountered issue on fresh install on small VPS (1Gb RAM, 1vCPU) that if I have systemd-networkd and crypt-swap then boot process hangs while waiting for crypt-swap device. Posted workaround here: https://bbs.archlinux.org/viewtopic.php?pid=1882917#p1882917
Alternative approach for ZFS with swap on a Luks partition
I am using the approach listed on this website,
With this approach the Luks cryptroot partition is partitioned further into a SWAP and ZFS root partition. The advantage of this approach is that a single password is needed for both ZFS and SWAP parition.
tune2fs -O read-only
In the section Without suspend-to-disk support > UUID and LABEL, wouldn’t it be a good idea to mark the ext2 filesystem as read-only with
tune2fs -O read-only?