[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
Nearing 2nd LTS release after the bug was reported and still no solution or even acknowledgement of how serious the problem is. To make it worse, in main desktop image they completely removed encryption option from manual disk partitioning screen. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904270 Title: ubiquity does not support existing LUKS encrypted partitions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
This problem's still there on 22.04. I simplified my notes on how to
workaround it, HTH:
**Ubuntu 22.04 and Newer: Extra Steps for Re-Using Existing LUKS Encrypted
Partition**
This has to be done using the Kubuntu or Ubuntu desktop live CD. Using the
Ubuntu Server Live CD (with text-based installer) doesn't work in either of
20.04 or 22.04 as the installer will just crash a few seconds after it starts
installing. Steps:
- Boot off Kubuntu Live CD, select Try Kubuntu to get the desktop
- Open a terminal and run: sudo cryptsetup luksOpen /dev/sdX sdX_crypt #replace
with nvme0nXpX or whatever the machine has
- Start the installer and run through it. The LVM LV's will appear in the
installer. Note that (as of 22.04 at least) makes you create an EFI system
partition - hopefully you have one even if it's unformatted
- End the installer and reboot as normal. You'll find it dumps you to an
initramfs prompt. At this point again run:
sudo cryptsetup luksOpen /dev/sdX sdX_crypt #replace with nvme0nXpX or whatever
the machine has
exit
It'll now continue booting successfully
- Once booted, create a valid /etc/crypttab:
sudo bash
export MAINLUKSPARTITION=sda4 # other examples: nvme0n1p3, whatever the machine
has
UUID=$(blkid -s UUID -o value /dev/${MAINLUKSPARTITION})
echo "${MAINLUKSPARTITION}_crypt UUID=${UUID} none luks,discard" >>
/etc/crypttab
cat /etc/crypttab
# check it looks right
update-initramfs -u -k all
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904270
Title:
ubiquity does not support existing LUKS encrypted partitions
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
Has anyone come up with a workaround for the "ValueError: encryption key or keyfile must be specified" bug? I'm trying to install Ubuntu Server 20.04.3 here, too, after manually creating a slightly tweaked LUKS device, and the installer keeps failing. Perhaps an older point-release of 20.04 still works? Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904270 Title: ubiquity does not support existing LUKS encrypted partitions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
Do you have to use the server installer to use the workaround or can the desktop installer do the same? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904270 Title: ubiquity does not support existing LUKS encrypted partitions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
Using the installer for 20.04.3 using the workaround and the installer
is failing with raise ValueError("encryption key or keyfile must be
specified") in the log as well.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904270
Title:
ubiquity does not support existing LUKS encrypted partitions
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
I am trying to install ubuntu 20.04 on top of an old LUKS partition with ubuntu 18.04. I have a single encrypted partition so I set it as mount point "/". But the installation then fails saying that the bootloader installation failed. For bootloader I selected the disk where the LUKS partition is. There are other two partitions on that disk, an efi and an ext2. Should the selection for the bootloader installation be different? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904270 Title: ubiquity does not support existing LUKS encrypted partitions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
> Then, either do this at the end after the installer has run, or boot into a live CD environment (e.g. Kubuntu) and do: The many steps given there are not really necessary. If you installed without downloading updates the following steps should be easier: 1. The first boot after the installation will not succeed, but give you a busybox shell from initramfs. 1. In that shell give the cryptsetup command as given above. 1. Exit the shell using Ctrl-D. 1. The boot will now complete. 1. Create the /etc/crypttab file. Typically you can just copy it from your previous root file system. 1. Update the system using apt or whatever you use. Unless you do this immediately when the installer image was built there will be updates that recreate the initramfs. The recreated initramfs will contain your new /etc/crypttab. 1. Reboot. 1. It works! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904270 Title: ubiquity does not support existing LUKS encrypted partitions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
I have used the "cryptsetup luksOpen` work-around successfully already
years ago.
However, when installing 20.04 with the server installer it does no longer work.
Installation aborts; in the log I found the cause to be
raise ValueError("encryption key or keyfile must be specified")
from
https://github.com/canonical/curtin/blob/45877d0e1f5774dc424f73b0c1c16b65e0353e63/curtin/commands/block_meta.py#L1394
(Note: This is not necessary the commit that was in use when I used the
installer. I just looked at the current master branch to point to the
message I got. I did upload the crash report, but I don't have a link to
my upload.)
Obviously the installer got confused ny the work-around because it
noticed that there is a LUKS container, but it had never gotten any
secret related to it.
Is there more than one Server installer, that could explain the
discrepancy against the instructions above?
I tried the xubuntu-20.04.2.0 and there the work-around still works.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1904270
Title:
ubiquity does not support existing LUKS encrypted partitions
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
> I tried the xubuntu-20.04.2.0 Sorry, that should have been xubuntu-20.04.2.0 installer -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904270 Title: ubiquity does not support existing LUKS encrypted partitions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
Yeah it's a pretty ridiculous bug to have in an LTS release. Disk encryption is a must these days, and other OSes like Windows support it by default -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904270 Title: ubiquity does not support existing LUKS encrypted partitions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
I confirm. That's a quite horrible experience. The previous text-based installer worked perfectly to unlock the disc and map the partitions. It was never supported in the GUI installer and I killed my disk once because of that. This is a major downturn as encryption is a best-practice for quite a long time. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904270 Title: ubiquity does not support existing LUKS encrypted partitions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1904270] Re: ubiquity does not support existing LUKS encrypted partitions
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: ubiquity (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904270 Title: ubiquity does not support existing LUKS encrypted partitions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1904270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
