[Bug 468208] Re: cryptsetup passphrase prompt at boot not working if waiting too long (w/o usplash)

Diet Coker imagenesis at gmail.com
Sun Dec 8 00:23:32 UTC 2013 

This bug is still present. It is present not only on crypttab password
prompts but also on /ecryptfs password prompts.

Encryption on boot with password is utterly broken because of this, and
likely any other input at boot.

1. This issue still absolutely remains with the cryptsetup password prompts. 
2. With ecryptfs, even though it appears that nothing has stolen the keyboard focus (ie data does not appear to be printed past the Password: semicolon) the string that is actually sent from the password prompt is incorrect. Pressing the enter key either does not do anything or it sends the enter key as a character in the password prompt. 
3. This behavior also quite possibly messes up upstart event loop as evidenced by the following behavior:

If a mount of ecryptfs is after a mount of a swap from a cryptsetup
unencrypted /dev/mapper, it specifies that /dev/mapper disk does not
exist.

http://askubuntu.com/questions/387529/how-to-enable-crypttab-to-run-at-boot
http://askubuntu.com/questions/387463/how-to-decrypt-encryptfs-at-boot

As specified, when the ecryptfs mount entry in fstab is after the swap
mount, it specifies that the disk does not exist and completely skips
the ecryptfs mount without prompting for the password or recording said
failure in /var/log/boot.log.

This is a critical bug. How has this been festering for 4 years. Does no
one mount decrypt at boot?

Utter failure canonical.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/468208

Title:
  cryptsetup passphrase prompt at boot not working if waiting too long
  (w/o usplash)

Status in “cryptsetup” package in Ubuntu:
  Triaged

Bug description:
  Binary package hint: cryptsetup

  I have a LUKS-encrypted /home device (which in turn is a LVM
  partition). This setup worked very well until updating to 9.10.

  When booting, I am prompted for the passphrase (I always boot with the
  "nosplash" option). This passphrase prompt is soon spoiled by messages
  "waiting for <some mountpoint>", so the boot seems to continue.

  If ignoring these messages and just entering the passphrase (hitting
  the enter key in the end) works, if I am fast enough(!).

  However, waiting for some seconds (maybe 20), it is *not* possible to
  correctly enter the passphrase any more: hitting  the enter key after
  entering the passphrase does not start a new line or trigger any other
  notable action from cryptsetup (i.e., I don't get any "command failed"
  or "key slot xxx unlocked" messages). Hitting the enter key some times
  more does the job but the passphrase is rejected and asked for again
  up to three times. However, these new prompts always show the same
  behavior: hitting the enter key once does not start a new line or
  trigger the cryptsetup to continue as it should. Only hitting it some
  more times does but the passpharse is always rejected, even if entered
  correctly.

  It seems that something in the subsequent boot chain partly steals
  keyboard focus.

  Update 1 [see my comment 2 below]: This also affects recovery mode.

  Update 2: It is also worth to note that after enetring the wrong
  password three times, I have no possibility whatsoever to logon, even
  though this should be possible as only the /home partition is
  encrypted. I have to reboot and try again until I succeed. *Very*
  annoying.

  Update 3: It seems that specifying the "noearly" option in
  /etc/crypttab is a workaround for me (not systematically tested
  though).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/468208/+subscriptions

More information about the foundations-bugs mailing list