Solved issue of having to enter password twice during boot

mainframed · 16 March 2026 19:30

Similar to other people¹ in this forum² I experienced a problem after installation of an encrypted system. I used the Calamares Installer.

During the first boot, the PC got stuck during the splash screen.
After going back to the live USB and turning off “quiet” and “splash”, I saw the problem: The encryption password is requested a second time during the “openswap” hook.

People in the linked thread tried various solutions. But to me it looks like most solved it only by either turning off swap and hibernation or not encrypting it anymore. Some ( Kielcelaria) where able to solve it, but their configuration could not help others.

I think I found the culprit: /etc/openswap.config.
The option unlock_method was set to password. I set it to keyfile and double checked/fixed all other configuration arguments. Finally, I recreated the initial ramdisk with sudo mkinitcpio -P. After booting everything worked flawlessly.

I’m not sure where this comes from. I would suspect either a bug in Calamares or some kind of interplay with the openswap package files overwriting the Calamares config?

I hope someone finds this useful. It was a very frustrating setup for me and took me a couple of hours to fix, even though it was a very small change.

If I find time, I will try to have a look at the Calameres source, if it is an easy fix and/or raise a bug ticket over there.

¹anon33601770, imre84
²Manjaro xfce asks for my luks password twice during bootup

Best regards,
Lucas

linux-aarhus · 17 March 2026 06:56

I believe it comes from the fact that the default unlock_method was previously keyfile.

But as you can see from the comments in the openswap.conf - this is discouraged by the upstream maintainers as it may cause data corruption.

Look up the supplied links in the configuration file to learn why this is discouraged.

The way to work around it

do not reboot after install
open the encrypted root using cryptsetup
mount the root according to filesystem
edit the <mountpoint>/etc/openswap.conf
change unlock_method to keyfile
save and reboot

The safer method - avoiding potential data corruption - do not use hibernation.

Hibernation is a thing of the past, where slow IDE disks and long startup times was the norm.

mainframed · 17 March 2026 18:57

O.k. understood.

But still I think there is either a need for a fix or at least for a big warning/discouragement during the installation. As of now, people will run into this problem if they select encryption+hibernation in the installer. And will only find out what the problem is after they tried booting and get stuck.

I will disable hibernation, since I don’t need it anymore. I used it heavily some years ago, when I was traveling more, had a lot of applications open, which I did not want to reopen everytime and wanted my system to be encrypted while traveling. I think this is still a valid use case.

Also I don’t really understand the warning. If I use the readonly mount, openswap should be safe, right? If not, why?