Can't boot Arch Linux after installation with dm-crypt whole system encryption (BIOS)

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












So I'm installing a new Arch with the document here for a whole system encryption.



The first part I get confused is here which the document wrote:




Warning: GRUB does not support LUKS2. Do not use LUKS2 on partitions that GRUB needs to access.




But in the later part of the section, it told me to run the command cryptsetup luksFormat /dev/sda3. But as I run it it ask for a password but doesn't it said GRUB doesn't support LUKS2?



Later I enter the password, go down through to grub installing which I run grub-mkconfig -o /boot/grub/grub.cfg and it said filaed to connect lvmetad, but since it's warning I ignored it.



Later I go through the process till the last part without getting any error.



But then I exit arch-chroot and reboot but it can't boot, it skipped to next OS (which is Windows 10 in my case), why? Which part did I get wrong? How to solve it?



P.S. Here is a table of my disk with command lsblk



NAME SIZE TYPE MOUNTPOINT
sda 114.6G disk
sda1 4G part
sda2 4G part /mnt/boot/efi
sda3 16G part
cryptboot 16G crypt /mnt/boot
sda4 90.6G part
lvm 90.6G crypt
AALEvol-swap 8G lvm [SWAP]
AALEvol-root 82.6G lvm /mnt






share|improve this question




















  • Did you add an entry for Arch in your grub config as per the wiki? Post the config.
    – jasonwryan
    Feb 18 at 3:33











  • And why do you have an ESP (/boot/efi) is this is a BIOS install?
    – jasonwryan
    Feb 18 at 4:08










  • @jasonwryan First the document said it can run on UEFI and second in truly running on UEFI and third I install grub with x86_64-efi
    – Andrew-at-TW
    Feb 18 at 4:10










  • Of course Grub can work with UEFI: but your question title explicitly mentions BIOS (MBR).
    – jasonwryan
    Feb 18 at 5:11










  • @jasonwryan I'm just specifying way sine there is many section in the document
    – Andrew-at-TW
    Feb 18 at 7:25














up vote
0
down vote

favorite












So I'm installing a new Arch with the document here for a whole system encryption.



The first part I get confused is here which the document wrote:




Warning: GRUB does not support LUKS2. Do not use LUKS2 on partitions that GRUB needs to access.




But in the later part of the section, it told me to run the command cryptsetup luksFormat /dev/sda3. But as I run it it ask for a password but doesn't it said GRUB doesn't support LUKS2?



Later I enter the password, go down through to grub installing which I run grub-mkconfig -o /boot/grub/grub.cfg and it said filaed to connect lvmetad, but since it's warning I ignored it.



Later I go through the process till the last part without getting any error.



But then I exit arch-chroot and reboot but it can't boot, it skipped to next OS (which is Windows 10 in my case), why? Which part did I get wrong? How to solve it?



P.S. Here is a table of my disk with command lsblk



NAME SIZE TYPE MOUNTPOINT
sda 114.6G disk
sda1 4G part
sda2 4G part /mnt/boot/efi
sda3 16G part
cryptboot 16G crypt /mnt/boot
sda4 90.6G part
lvm 90.6G crypt
AALEvol-swap 8G lvm [SWAP]
AALEvol-root 82.6G lvm /mnt






share|improve this question




















  • Did you add an entry for Arch in your grub config as per the wiki? Post the config.
    – jasonwryan
    Feb 18 at 3:33











  • And why do you have an ESP (/boot/efi) is this is a BIOS install?
    – jasonwryan
    Feb 18 at 4:08










  • @jasonwryan First the document said it can run on UEFI and second in truly running on UEFI and third I install grub with x86_64-efi
    – Andrew-at-TW
    Feb 18 at 4:10










  • Of course Grub can work with UEFI: but your question title explicitly mentions BIOS (MBR).
    – jasonwryan
    Feb 18 at 5:11










  • @jasonwryan I'm just specifying way sine there is many section in the document
    – Andrew-at-TW
    Feb 18 at 7:25












up vote
0
down vote

favorite









up vote
0
down vote

favorite











So I'm installing a new Arch with the document here for a whole system encryption.



The first part I get confused is here which the document wrote:




Warning: GRUB does not support LUKS2. Do not use LUKS2 on partitions that GRUB needs to access.




But in the later part of the section, it told me to run the command cryptsetup luksFormat /dev/sda3. But as I run it it ask for a password but doesn't it said GRUB doesn't support LUKS2?



Later I enter the password, go down through to grub installing which I run grub-mkconfig -o /boot/grub/grub.cfg and it said filaed to connect lvmetad, but since it's warning I ignored it.



Later I go through the process till the last part without getting any error.



But then I exit arch-chroot and reboot but it can't boot, it skipped to next OS (which is Windows 10 in my case), why? Which part did I get wrong? How to solve it?



P.S. Here is a table of my disk with command lsblk



NAME SIZE TYPE MOUNTPOINT
sda 114.6G disk
sda1 4G part
sda2 4G part /mnt/boot/efi
sda3 16G part
cryptboot 16G crypt /mnt/boot
sda4 90.6G part
lvm 90.6G crypt
AALEvol-swap 8G lvm [SWAP]
AALEvol-root 82.6G lvm /mnt






share|improve this question












So I'm installing a new Arch with the document here for a whole system encryption.



The first part I get confused is here which the document wrote:




Warning: GRUB does not support LUKS2. Do not use LUKS2 on partitions that GRUB needs to access.




But in the later part of the section, it told me to run the command cryptsetup luksFormat /dev/sda3. But as I run it it ask for a password but doesn't it said GRUB doesn't support LUKS2?



Later I enter the password, go down through to grub installing which I run grub-mkconfig -o /boot/grub/grub.cfg and it said filaed to connect lvmetad, but since it's warning I ignored it.



Later I go through the process till the last part without getting any error.



But then I exit arch-chroot and reboot but it can't boot, it skipped to next OS (which is Windows 10 in my case), why? Which part did I get wrong? How to solve it?



P.S. Here is a table of my disk with command lsblk



NAME SIZE TYPE MOUNTPOINT
sda 114.6G disk
sda1 4G part
sda2 4G part /mnt/boot/efi
sda3 16G part
cryptboot 16G crypt /mnt/boot
sda4 90.6G part
lvm 90.6G crypt
AALEvol-swap 8G lvm [SWAP]
AALEvol-root 82.6G lvm /mnt








share|improve this question











share|improve this question




share|improve this question










asked Feb 18 at 3:24









Andrew-at-TW

6818




6818











  • Did you add an entry for Arch in your grub config as per the wiki? Post the config.
    – jasonwryan
    Feb 18 at 3:33











  • And why do you have an ESP (/boot/efi) is this is a BIOS install?
    – jasonwryan
    Feb 18 at 4:08










  • @jasonwryan First the document said it can run on UEFI and second in truly running on UEFI and third I install grub with x86_64-efi
    – Andrew-at-TW
    Feb 18 at 4:10










  • Of course Grub can work with UEFI: but your question title explicitly mentions BIOS (MBR).
    – jasonwryan
    Feb 18 at 5:11










  • @jasonwryan I'm just specifying way sine there is many section in the document
    – Andrew-at-TW
    Feb 18 at 7:25
















  • Did you add an entry for Arch in your grub config as per the wiki? Post the config.
    – jasonwryan
    Feb 18 at 3:33











  • And why do you have an ESP (/boot/efi) is this is a BIOS install?
    – jasonwryan
    Feb 18 at 4:08










  • @jasonwryan First the document said it can run on UEFI and second in truly running on UEFI and third I install grub with x86_64-efi
    – Andrew-at-TW
    Feb 18 at 4:10










  • Of course Grub can work with UEFI: but your question title explicitly mentions BIOS (MBR).
    – jasonwryan
    Feb 18 at 5:11










  • @jasonwryan I'm just specifying way sine there is many section in the document
    – Andrew-at-TW
    Feb 18 at 7:25















Did you add an entry for Arch in your grub config as per the wiki? Post the config.
– jasonwryan
Feb 18 at 3:33





Did you add an entry for Arch in your grub config as per the wiki? Post the config.
– jasonwryan
Feb 18 at 3:33













And why do you have an ESP (/boot/efi) is this is a BIOS install?
– jasonwryan
Feb 18 at 4:08




And why do you have an ESP (/boot/efi) is this is a BIOS install?
– jasonwryan
Feb 18 at 4:08












@jasonwryan First the document said it can run on UEFI and second in truly running on UEFI and third I install grub with x86_64-efi
– Andrew-at-TW
Feb 18 at 4:10




@jasonwryan First the document said it can run on UEFI and second in truly running on UEFI and third I install grub with x86_64-efi
– Andrew-at-TW
Feb 18 at 4:10












Of course Grub can work with UEFI: but your question title explicitly mentions BIOS (MBR).
– jasonwryan
Feb 18 at 5:11




Of course Grub can work with UEFI: but your question title explicitly mentions BIOS (MBR).
– jasonwryan
Feb 18 at 5:11












@jasonwryan I'm just specifying way sine there is many section in the document
– Andrew-at-TW
Feb 18 at 7:25




@jasonwryan I'm just specifying way sine there is many section in the document
– Andrew-at-TW
Feb 18 at 7:25










1 Answer
1






active

oldest

votes

















up vote
0
down vote



accepted










Create a partition on beginning of your Hard Disk Drive, it's size should be between 600 MB and 1GB, and in Linux setup mark that partition as /boot partition. You shouldn't encrypt the boot partition as none of your potentially sensitive data will be written to it.



If you want to wipe the entire Hard Disk Drive before re-partitioning, i suggest you use fdisk -l | more to list all your Hard Disk Drives and all partitions on them, then when you find the drive do
dd if=/dev/urandom of=/dev/sd(X) where X is your HDD letter.



Then create other partitions which will be encrypted: 1./SWAP, 2./ROOT and 3. /HOME (optional).






share|improve this answer




















  • I think mine sda1 is use as boot (unencrypted) according to the documentation (/Dev/sdaW) but don't know why it isn't used in the documentation?
    – Andrew-at-TW
    Feb 18 at 3:47










  • Because people can but don't have to install Linux on /dev/sda1 (first HDD and first partition on it). It can be installed on any HDD and any partition.
    – Fido-X
    Feb 18 at 3:55










  • Use fdisk -l | more to list all partitions, don't play around with "I think", you must be certain or you'll mess something up -- in computer world everything should be accurate.
    – Fido-X
    Feb 18 at 3:58










  • Here is the partition list
    – Andrew-at-TW
    Feb 18 at 4:03










  • But if you look back at the document preparing boot section it said create luks container at sda3 which should be mount at /boot/efi?
    – Andrew-at-TW
    Feb 18 at 4:05










Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);








 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f424899%2fcant-boot-arch-linux-after-installation-with-dm-crypt-whole-system-encryption%23new-answer', 'question_page');

);

Post as a guest






























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
0
down vote



accepted










Create a partition on beginning of your Hard Disk Drive, it's size should be between 600 MB and 1GB, and in Linux setup mark that partition as /boot partition. You shouldn't encrypt the boot partition as none of your potentially sensitive data will be written to it.



If you want to wipe the entire Hard Disk Drive before re-partitioning, i suggest you use fdisk -l | more to list all your Hard Disk Drives and all partitions on them, then when you find the drive do
dd if=/dev/urandom of=/dev/sd(X) where X is your HDD letter.



Then create other partitions which will be encrypted: 1./SWAP, 2./ROOT and 3. /HOME (optional).






share|improve this answer




















  • I think mine sda1 is use as boot (unencrypted) according to the documentation (/Dev/sdaW) but don't know why it isn't used in the documentation?
    – Andrew-at-TW
    Feb 18 at 3:47










  • Because people can but don't have to install Linux on /dev/sda1 (first HDD and first partition on it). It can be installed on any HDD and any partition.
    – Fido-X
    Feb 18 at 3:55










  • Use fdisk -l | more to list all partitions, don't play around with "I think", you must be certain or you'll mess something up -- in computer world everything should be accurate.
    – Fido-X
    Feb 18 at 3:58










  • Here is the partition list
    – Andrew-at-TW
    Feb 18 at 4:03










  • But if you look back at the document preparing boot section it said create luks container at sda3 which should be mount at /boot/efi?
    – Andrew-at-TW
    Feb 18 at 4:05














up vote
0
down vote



accepted










Create a partition on beginning of your Hard Disk Drive, it's size should be between 600 MB and 1GB, and in Linux setup mark that partition as /boot partition. You shouldn't encrypt the boot partition as none of your potentially sensitive data will be written to it.



If you want to wipe the entire Hard Disk Drive before re-partitioning, i suggest you use fdisk -l | more to list all your Hard Disk Drives and all partitions on them, then when you find the drive do
dd if=/dev/urandom of=/dev/sd(X) where X is your HDD letter.



Then create other partitions which will be encrypted: 1./SWAP, 2./ROOT and 3. /HOME (optional).






share|improve this answer




















  • I think mine sda1 is use as boot (unencrypted) according to the documentation (/Dev/sdaW) but don't know why it isn't used in the documentation?
    – Andrew-at-TW
    Feb 18 at 3:47










  • Because people can but don't have to install Linux on /dev/sda1 (first HDD and first partition on it). It can be installed on any HDD and any partition.
    – Fido-X
    Feb 18 at 3:55










  • Use fdisk -l | more to list all partitions, don't play around with "I think", you must be certain or you'll mess something up -- in computer world everything should be accurate.
    – Fido-X
    Feb 18 at 3:58










  • Here is the partition list
    – Andrew-at-TW
    Feb 18 at 4:03










  • But if you look back at the document preparing boot section it said create luks container at sda3 which should be mount at /boot/efi?
    – Andrew-at-TW
    Feb 18 at 4:05












up vote
0
down vote



accepted







up vote
0
down vote



accepted






Create a partition on beginning of your Hard Disk Drive, it's size should be between 600 MB and 1GB, and in Linux setup mark that partition as /boot partition. You shouldn't encrypt the boot partition as none of your potentially sensitive data will be written to it.



If you want to wipe the entire Hard Disk Drive before re-partitioning, i suggest you use fdisk -l | more to list all your Hard Disk Drives and all partitions on them, then when you find the drive do
dd if=/dev/urandom of=/dev/sd(X) where X is your HDD letter.



Then create other partitions which will be encrypted: 1./SWAP, 2./ROOT and 3. /HOME (optional).






share|improve this answer












Create a partition on beginning of your Hard Disk Drive, it's size should be between 600 MB and 1GB, and in Linux setup mark that partition as /boot partition. You shouldn't encrypt the boot partition as none of your potentially sensitive data will be written to it.



If you want to wipe the entire Hard Disk Drive before re-partitioning, i suggest you use fdisk -l | more to list all your Hard Disk Drives and all partitions on them, then when you find the drive do
dd if=/dev/urandom of=/dev/sd(X) where X is your HDD letter.



Then create other partitions which will be encrypted: 1./SWAP, 2./ROOT and 3. /HOME (optional).







share|improve this answer












share|improve this answer



share|improve this answer










answered Feb 18 at 3:42









Fido-X

1225




1225











  • I think mine sda1 is use as boot (unencrypted) according to the documentation (/Dev/sdaW) but don't know why it isn't used in the documentation?
    – Andrew-at-TW
    Feb 18 at 3:47










  • Because people can but don't have to install Linux on /dev/sda1 (first HDD and first partition on it). It can be installed on any HDD and any partition.
    – Fido-X
    Feb 18 at 3:55










  • Use fdisk -l | more to list all partitions, don't play around with "I think", you must be certain or you'll mess something up -- in computer world everything should be accurate.
    – Fido-X
    Feb 18 at 3:58










  • Here is the partition list
    – Andrew-at-TW
    Feb 18 at 4:03










  • But if you look back at the document preparing boot section it said create luks container at sda3 which should be mount at /boot/efi?
    – Andrew-at-TW
    Feb 18 at 4:05
















  • I think mine sda1 is use as boot (unencrypted) according to the documentation (/Dev/sdaW) but don't know why it isn't used in the documentation?
    – Andrew-at-TW
    Feb 18 at 3:47










  • Because people can but don't have to install Linux on /dev/sda1 (first HDD and first partition on it). It can be installed on any HDD and any partition.
    – Fido-X
    Feb 18 at 3:55










  • Use fdisk -l | more to list all partitions, don't play around with "I think", you must be certain or you'll mess something up -- in computer world everything should be accurate.
    – Fido-X
    Feb 18 at 3:58










  • Here is the partition list
    – Andrew-at-TW
    Feb 18 at 4:03










  • But if you look back at the document preparing boot section it said create luks container at sda3 which should be mount at /boot/efi?
    – Andrew-at-TW
    Feb 18 at 4:05















I think mine sda1 is use as boot (unencrypted) according to the documentation (/Dev/sdaW) but don't know why it isn't used in the documentation?
– Andrew-at-TW
Feb 18 at 3:47




I think mine sda1 is use as boot (unencrypted) according to the documentation (/Dev/sdaW) but don't know why it isn't used in the documentation?
– Andrew-at-TW
Feb 18 at 3:47












Because people can but don't have to install Linux on /dev/sda1 (first HDD and first partition on it). It can be installed on any HDD and any partition.
– Fido-X
Feb 18 at 3:55




Because people can but don't have to install Linux on /dev/sda1 (first HDD and first partition on it). It can be installed on any HDD and any partition.
– Fido-X
Feb 18 at 3:55












Use fdisk -l | more to list all partitions, don't play around with "I think", you must be certain or you'll mess something up -- in computer world everything should be accurate.
– Fido-X
Feb 18 at 3:58




Use fdisk -l | more to list all partitions, don't play around with "I think", you must be certain or you'll mess something up -- in computer world everything should be accurate.
– Fido-X
Feb 18 at 3:58












Here is the partition list
– Andrew-at-TW
Feb 18 at 4:03




Here is the partition list
– Andrew-at-TW
Feb 18 at 4:03












But if you look back at the document preparing boot section it said create luks container at sda3 which should be mount at /boot/efi?
– Andrew-at-TW
Feb 18 at 4:05




But if you look back at the document preparing boot section it said create luks container at sda3 which should be mount at /boot/efi?
– Andrew-at-TW
Feb 18 at 4:05












 

draft saved


draft discarded


























 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f424899%2fcant-boot-arch-linux-after-installation-with-dm-crypt-whole-system-encryption%23new-answer', 'question_page');

);

Post as a guest













































































Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?