Hello,
In case someone else needs it, a workaround for the common use case of using the `decrypt_derived` keyscript to unlock partitions is to save the derived key into a file on the encrypted partition that you would otherwise derive from (make sure only root can access it). This at least works for the encrypted root partition on which others depend on and is as secure as using the decrypt_derived keyscript. http://gw.tnode.com/debian/issues-and-workarounds-for-debian-8/ Greetings, gw