Home | News | Download | Packages | Forum | Wiki | Github

Full disk encryption: key not asked at boot for kernels 4.12 and 4.9


My (old) laptop has full disk encryption and it always worked fine. But for some time, I can not boot it with kernel 4.12.13_1 nor with 4.9.50_1, as the system never asks for the cryptsetup password to unencrypt the disk. Only 4.10.17_1 works fine. I find this strange.

Am I the only one complaining?
Any ideas? Something missing from initrd?


Did you add a line like this: add_dracutmodules+=“crypt” in /etc/dracut.conf.d/crypt.conf?? Remember to reconfigure dracut.


Hi @rjb,

This problem happens only in my old laptop. I added the line as you said, but the issue remains. In my workstation, there’s no problem even without that line.

Hope someday systems programming goes functional so that many problems cease to exist.


Find encrypted parition’s UUID and add in /etc//default/grub in the line GRUB_CMDLINE_LINUX_DEFAULT=“rd.luks.uuid=XXXXXXXX … …”, where XXXXXXXX is the beginning UUID of your encrypted partition (there is no need to use whole UUID number). Then update-grub and reboot.


Hi @rjb,

In /dev/sda2 I’ve created a cryptsetup luks container.
Then I created a lvm volume group and a logical volume.

The UUID you mention is the /dev/sda2, right?
kernel 4.10 still boots fine, but 4.13 still not…



Yes the UUID I mentioned is the /dev/sda2 in your case.

Try add in that file /etc/dracut.conf.d/crypt.conf this: add_drivers+=“xts ecb”, below the previous line and reconfigure dracut and reboot.


Didn’t solve it.