Home
When installing I am using BTRFS instead of ext4 - I did select encrypt the partition with passwords. But post installation the system doesn’t stop to ask password for decryption the partition and takes me straight to the log in screen.
Is encrypting partition possible ? and is it possible with BTRFS or should I stay with ext4 ?
I tried installing twice and both the times it didn’t work.
cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a device; this may
# be used with UUID= as a more robust way to name devices that works even if
# disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=C37A-B8C1 /boot/efi vfat umask=0077 0 2
UUID=9b64d87d-8ad9-42fa-a59f-d4eb33070944 / btrfs subvol=/@,defaults 0 0
UUID=9b64d87d-8ad9-42fa-a59f-d4eb33070944 /var/cache btrfs subvol=/@cache,defaults 0 0
UUID=9b64d87d-8ad9-42fa-a59f-d4eb33070944 /var/log btrfs subvol=/@log,defaults 0 0
UUID=3f62b76c-b852-4ba2-9fa5-e1d0b38cf631 /home btrfs defaults 0 0
cat /etc/crypttab
# /etc/crypttab: mappings for encrypted partitions.
#
# Each mapped device will be created in /dev/mapper, so your /etc/fstab
# should use the /dev/mapper/<name> paths for encrypted devices.
#
# See crypttab(5) for the supported syntax.
#
# NOTE: You need not list your root (/) partition here, but it must be set up
# beforehand by the initramfs (/etc/mkinitcpio.conf). The same applies
# to encrypted swap, which should be set up with mkinitcpio-openswap
# for resume support.
#
# <name> <device> <password> <options>
I am using the KDE - Manjaro Team - Plasma Desktop Full.
I have partitioned my hard disk into the following
/dev/sda1 - for boot/efi
/dev/sda2 - Swap
/dev/sda3 - Root
/dev/sda4 - Home
I think this is an issue with Calameres - because I tried the same set up with Garuda which uses Calameres - encryption doesnt happen when you choose manual partition and assign the mount points.
Encryption only happen when you replace a partition, erase and install but in that case the default file type is ext4 - one cannot choose btrfs. Is this understanding correct ?
I installed these same partitions as in your description:
I encrypted only two Root and Home partitions, that works fine after installation:
$ cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a device; this may
# be used with UUID= as a more robust way to name devices that works even if
# disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=1C8A-8C43 /boot/efi vfat umask=0077 0 2
/dev/mapper/luks-04608295-8148-46c1-bc20-0b6e1c23d940 / btrfs subvol=/@,defaults 0 0
/dev/mapper/luks-04608295-8148-46c1-bc20-0b6e1c23d940 /var/cache btrfs subvol=/@cache,defaults 0 0
/dev/mapper/luks-04608295-8148-46c1-bc20-0b6e1c23d940 /var/log btrfs subvol=/@log,defaults 0 0
/dev/mapper/luks-d66ce842-2f5e-499a-8518-a73cd00b246b /home btrfs defaults 0 0
UUID=8b7d5deb-0d61-4fcb-a67b-169b9c467b72 swap swap defaults,noatime 0 0
$ sudo cat /etc/crypttab
# /etc/crypttab: mappings for encrypted partitions.
#
# Each mapped device will be created in /dev/mapper, so your /etc/fstab
# should use the /dev/mapper/<name> paths for encrypted devices.
#
# See crypttab(5) for the supported syntax.
#
# NOTE: You need not list your root (/) partition here, but it must be set up
# beforehand by the initramfs (/etc/mkinitcpio.conf). The same applies
# to encrypted swap, which should be set up with mkinitcpio-openswap
# for resume support.
#
# <name> <device> <password> <options>
luks-04608295-8148-46c1-bc20-0b6e1c23d940 UUID=04608295-8148-46c1-bc20-0b6e1c23d940 /crypto_keyfile.bin luks
luks-d66ce842-2f5e-499a-8518-a73cd00b246b UUID=d66ce842-2f5e-499a-8518-a73cd00b246b /crypto_keyfile.bin luks
I too tried what you suggested but then I didn’t get the Encrypt option - are you creating the partition while installing ? Or did you create it prior to installation ?