Hi Rory, Rory Campbell-Lange <rory@campbell-lange.net> (2019-05-15): > I've installed a system with / on two disks in software RAID1 with > dm_crypt on top from a buster netinstall disk 20190429-03:57. > > I'm using a buster netinstall disk because the machine's ixgbe network > adapters aren't supported under stable. > > After a stable install and rebooting, it isn't possible to unencrypt > the RAIDed volume. I've ensured the password is correct by copying and > pasting on a serial console connection and also trying many times by > keyboard and ipmi virtual keyboard. I've also tried the reinstall over > 5 times with slightly different options including ensuring all available > kernel modules are installed. > > Mounting works fine if I install buster rather than stretch with exactly > the same configuration. > > Two questions: > > * could there be a problem in the stable component of the installer > for grub or other mising support for dm_crypt? > > * since I'm aiming to run stable on this machine but I need recent ixgbe > network modules anyway, can I install the kernel-image-4.19.0-0.bpo > backport package at the end of the installation process from a console? > I'm hoping this will also solve the mounting problem I'm experiencing. If you're installing stretch with a buster image, you're using cryptsetup-udeb from buster during the installation, which forcibly uses type luks2 for created encrypted devices; which then can't be opened by stretch's cryptsetup (that only knows about luks1). Incidently, offering an option to stick to luks1 is something I'm working on right now; you might try your luck without waiting for me, by patching the running installation system this way: once partman-crypto has been installed, locate lib/crypto-base.sh and apply this: - /sbin/cryptsetup -c $cipher-$iv -d $pass -h $hash -s $size create $mapping $device + /sbin/cryptsetup --type luks1 -c $cipher-$iv -d $pass -h $hash -s $size create $mapping $device Cheers, -- Cyril Brulebois (kibi@debian.org) <https://debamax.com/> D-I release manager -- Release team member -- Freelance Consultant
Attachment:
signature.asc
Description: PGP signature