PC stopped asking for system decryption password

43e · 22 May 2025 16:13

Hi. A few weeks ago I switched into testing. I’ve used Arch in another computer for a decade so I thought it would be fine.

Today my computer was crashing when booting. I suspected it was related to NVidia, so decided to undo yesterday’s update. I installed the previous versions of

lib32-nvidia-utils-570.153.02-1  libxnvctrl-570.153.02-1  linux61-6.1.139-1  linux61-headers-6.1.139-1  linux61-nvidia-570.153.02-1
linux61-virtualbox-host-modules-7.1.8-7  mhwd-nvidia-570.153.02-1  nvidia-settings-570.153.02-1  nvidia-utils-570.153.02-1
opencl-nvidia-570.153.02-1

It still wouldn’t boot, so I spent 5 or 6 hours rebooting and chrooting. The boot partition was full. After many tries, the computer now boots but the strange thing is that it does not ask for a disk decryption key. The disk is btrfs and uses LUKS.

I think the only thing I did was to run mkinitcpio -P, grub-mkconfig and grub-install.

How can I make the computer unbootable again without the decryption key?

Something else which I don’t remember seeing before is the mount point being /var/cache. Isn’t that odd?

$ lsblk -a -fs
NAME                                      FSTYPE      FSVER LABEL    UUID                                 FSAVAIL FSUSE% MOUNTPOINTS
luks-b0a35949-1ae3-43bb-9d72-???????????? btrfs                      d7fa9c05-d68f-4aaf-94a9-xxxxxxxxxxxx                /var/cache
└─nvme0n1p2                               crypto_LUKS 1              b0a35949-1ae3-43bb-9d72-????????????                
  └─nvme0n1                                                                                                              
nvme0n1p1                                 vfat        FAT32 NO_LABEL FCE9-????                             115,1M    62% /boot/efi
└─nvme0n1

Thank you!

Aragorn · 22 May 2025 19:33

I’m afraid I cannot help you with the LUKS thing, but if you accepted the defaults for a btrfs installation, then you should have four btrfs subvolumes…:

@ — mounted at /
@home — mounted at /home
@cache — mounted at /var/cache
@log — mounted at /var/log

The idea behind this layout — which I personally do not support, mind you — is that timeshift would only create snapshots of the @ subolume, so that you would still be able to inspect the logs in /var/log after rolling back a snapshot, and because anything in /var/cache is expendable and replaceable.

And the contents of /home should of course be independent from operating system snapshots.

43e · 27 May 2025 09:17

Thank you for your answer. I do not use timeshift.

And I managed to fix it

I compared the /boot/ folder from broken system with another working one, noticed several nested efi or EFI folders, so I deleted those folders and repeated the mkinitcpio and grub commands and now it works as expected.

I still would like to understand how is it possible that the system was booting without prompting a password if the disk is encrypted. Makes me worried about how safe it is.

system · 30 May 2025 09:18

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.