I followed the following steps:
The problem was not solved, the errors come, but after entering the passphrase for the second time, my system boots. I have to enter the passphrase two times for my system to boot. Very weird…
I had a similar problem (enter passphrase two times before booting). This was caused by bad RAM changing files on my filesystem (BTRFS). Can you verify that your system memory is working (for example with https://memtest.org/)?
Memory seems fine, Memtest shows no errors…
I am having the same issue on two machines and this started happening after the recent Manjaro System update, both machines are relatively new.
Maybe rebuilding the kernel could help? You can select an older kernel during boot and the remove + add the kernel in the graphical kernel overview.
I was using “6.1.22-1 LTS”, I installed “6.2.9-1” then rebooted using that, I then uninstalled “6.1.22-1 LTS”, rebooted, reinstalled “6.1.22-1 LTS”, rebooted then uninstalled “6.2.9-1”. Now I am running on “6.1.22-1 LTS” again 
After each reboot the errors were showing and I had to enter the passphrase two times for the system to boot
I just did a fresh Virtualbox VM with 22.0.5 as base and updated to today’s stable update of 2023-04-11. The install used the automatic install mode with LUKS encryption using a normal password.
Boot process:
- grub loads and ask for the password
- after entering that it takes a short while
- the
cryptomount -uerror happens: [PATCH v5 5/9] cryptodisk: Improve cryptomount -u error message - waiting or pressing any key continues the boot process
Now I’ve to see what changed and how to get that message away.
how I got rid of the nag screen
- I had to reinstall grub via
grub-install --force --target=i386-pc --recheck --boot-directory=/boot /dev/sda - then I ran
update-grubto regenerate the menu
This got rid of the nag screen not finding the right partition.
Lets analyze the grub.cfg file of the old grub installed to MBR on this BIOS VM:
So it loads the needed modules. calls cryptomount -u and points to the right partitions.
After I also updated grub on MBR we got this menu entry for the same 6.1 kernel:
More or less it is the same entry as we had before. So the only change most likely made is on the binary files which got installed by the package update of grub package. Most similar on that issue, on which we reverted those modifications to call fwsetup: Arch Linux - News: Grub bootloader upgrade and configuration incompatibilities
Me and the dashes …
Seems grub 2.06-r261 has the cryptomount -u cmd without the dashes and with 2.06-r456 those got added. So removing the dashes from the cmd “fixes” the issue. However, those changes are common and only get fixed when grub matches the binaries of the package and the version installed on MBR/EFI.
So what is the real issue now?
- commit 3cf2e84 changes how UUIDs for cryptodisk got handled.
- a user can now specify UUID strings with dashes, instead of having to remove
dashes. This is backwards-compatibility preserving and also fixes a source
of user confusion over the inconsistency with how UUIDs are specified
between file system UUIDs and cryptomount UUIDs. Since cryptsetup, the
reference implementation for LUKS, displays and generates UUIDs with dashes
there has been additional confusion when using the UUID strings from
cryptsetup as exact input into GRUB does not find the expected cryptodisk. - since we never update the corresponding MBR/EFI installation of grub, which needs to been called via
grub-installand the parameters used to install grub the first time those changes in the binary files of the grub package won’t match the expectations the older grub may have fromgrub.cfgfile. Hence it is a breaking change for older installations - Is Arch affected by this? Most likely yes when they updated their package to 2:2.06.r380.g151467888-1. But there people expect to know on how to fix issues with grub, especially when you use LUKS FDE.
What is the real fix?
Well Arch needs to fix on how it installs grub to begin with as upstream expects to have their binaries in sync with what the package installs on your hard drive and what is installed in your MBR/EFI.
Is there a workaround?
Sure, you can modify /usr/bin/update-grub by removing execand add the following line: sed -i -e '/cryptomount -u/ {s/-//g;s/ u/ -u/g}' /boot/grub/grub.cfg after the line which starts now with grub-mkconfig ...
How can I avoid all of that matter?
Simply put grub into the package ignore list as grub won’t get properly installed anyway.
What about security updates?
Well, you’re the admin of your machine. Update grub package and keep your MBR/EFI installation of grub in-sync
6 Likes
Confirm, reinstalling grub and then update-grub worked for me
I’ve added a workaround for the main issue we are facing here. This way grub doesn’t need to been updated on MBR/EFI. Simply a package update of the grub package is enough. update-grub script will handle the issue with the dashes: [pkg-upd] 2.06.r456.g65bc45963-6 (6eca32e6) · Commits · Packages / Core / grub · GitLab
sudo pacman -U https://mirror.easyname.at/manjaro/pool/overlay/grub-2.06.r456.g65bc45963-6-x86_64.pkg.tar.zst
It would be good if people who already have updated via grub-install ... to 2.06-r456 on MBR/EFI to check if still all works.
2 Likes
Thank you, when will this package be available through the public repositories?
Currently I can only see version “2.06.r456.g65bc45963-4” through the package manager…
I mean available in the stable branch
When we’re sure that version actually fixes the problem and doesn’t break everyone’s system. 
1 Like
Until the grub-update reaches the official repo, I managed to boot my fully encrypted Manjaro system using “Super Grub2 Disk Beta”
Steps I did:
Visit: Super Grub2 Disk Beta
Download supergrub2-classic-2.06s2-beta1-multiarch-CD.iso
Write the *.ISO file to a USB Stick using this command:
(edit [PathToSuperGrub2ISO] & [SDXXX])
sudo dd if=/home/...[PathToSuperGrub2ISO].../supergrub2-classic-2.06s2-beta1-multiarch-CD.iso of=/dev/[SDXXX] bs=4M status=progress && sync
From your BIOS boot menu select booting from the USB Stick.
From the “Super Grub2 Disk Beta” menu choose "Detect…"
After that choose your Manjaro partion…
That Super Grub2 Disk Beta might also not work as it is an older version which doesn’t has the dashes support. That got added in December 2022 to a more modern grub version which is not released. Those changes will be included in 2.08 version of grub. So people simply call the pacman cmd as I compiled grub against stable branch anyway. I simply didn’t upload it there yet …
1 Like
Please also have a look at:
I’m not affected, so I just skimmed over this long thread and am sorry, if this has been mentioned before:
If you get dropped into grub recovery console because cryptomount failed, you can execute it manually. For example, /boot is on the second partition of the first disk:
cryptomount (hd0,gpt2) or alternatively cryptomount -u <uuid>
it should ask for the pass again. Once that succeeds to unlock, execute:
insmod normal
normal
should be all you need to get started. source
I installed the update, but I still need to enter the password twice and still getting the following error:
Installed Manjaro like 6 weeks ago.
Got hit by this issue after the 7gb update but only with the “click button to continue” thing. Since i rarely reboot i did not do anything in this thread but keeped a very close eye on it.
As of the update 15min ago the issue is fixed.
Instead of the warning i will now see the boot menu for 3 seconds and then Manjaro loads with no issues. I also updated to the 6.2 kernel in the process.
Dont get the crypt error msg anymore.
@boustanihani well. You may want to post the content of your /etc/fstab file and compare it with the cryptomount llines of your /boot/grub/grub.cfg file. If you have dashes in the grub.cfg file for the UUID remove them in all the lines you find the word cryptomount and save the file. That is what the updated /usr/bin/update-grub does. You can re-read my more lengthy posts, as I explained the issue in rich details. Only updating the grub packages won’t update the grub install on you MBR/EFI. So you have to call grub-install ... at some point to fix it properly.
Thank you Philip, I was able to solve two of the errors.
Removing the dashes in /boot/grub/grub.cfg and calling grub-install fixed the “no such cryptodisk found…” error.
In “/etc/default/grub” I changed:
GRUB_SAVEDEFAULT=true
GRUB_DEFAULT=saved
To
GRUB_SAVEDEFAULT=false
GRUB_DEFAULT=0
This is how I fixed the “sparse file not allowed…” error.
Check: GRUB error: sparse file not allowed
Caution: Calling grub-mkconfig -o /boot/grub/grub.cfg regenerates the dashes in /boot/grub/grub.cfg
Now, I am only getting the “out of range pointer…” error , but after entering the password twice, the system boots correctly =>
452: out of range pointer: 0x95d6a020
Aborted. Press any key to exit.
