Problem with mounting encrypted drives

Desktop Environments Cinnamon
3

First, see here (what I detail below is my own notes from this process):
See crypttab > Mounting at boot time.

You can generate a strong passphrase for each of these volumes, and have that stored in file and referenced by /etc/crypttab when mounting those volumes. The process is as follows:

  1. Generate random passphrase.
  2. Add that passphrase as a key to your LUKS volume.
  3. Reference your LUKS volume UUID.
  4. Add the LUKS volume to /etc/crypttab.
  5. Add the decrypted volume to /etc/fstab.

GUIDE:

1. Generate random passphrase.

This will generate a strong random passphrase, and store it under /root/lukskey .

sudo dd if=/dev/random bs=32 count=8 of=/root/lukskey

2. Add that passphrase as a key to your LUKS volume.

This won’t replace any existing passphrase, it will add an additional one. Replace somevolume with the actual volume in question :

sudo cryptsetup luksAddKey /dev/somevolume /root/lukskey

3. Reference your LUKS volume UUID.

To find the UUID of your LUKS volume:

lsblk --fs | grep LUKS

That should look something like this, with 01234567-0123-0123-0123-0123456789ab being the UUID in this example:

NAME FSTYPE FSVER LABEL UUID
├─nvme0n1p2 crypto_LUKS 1 01234567-0123-0123-0123-0123456789ab

Copy that UUID, you’ll need it in a moment.

4. Add the LUKS volume to /etc/crypttab.

Edit /etc/crypttab. Replace somelongUUID with the UUID referenced earlier :

# <name>				<device>			  <password>
luks-somelongUUID		UUID=somelongUUID     /root/lukskey luks

So using the example, that would look like:

luks-01234567-0123-0123-0123-0123456789ab UUID=01234567-0123-0123-0123-0123456789ab /root/lukskey luks

That will result in it getting mapped under /dev/mapper/luks-01234567-0123-0123-0123-0123456789ab.

5. Add the decrypted volume to /etc/fstab.

Now map the decrypted volume in /etc/fstab, replacing somelongUUID with the LUKS UUID referenced earlier, and /some/mountpoint with an actual mountpoint (like somewhere in your home folder), and the filesystem (btrfs) and options (compress=zstd,noatime) with your volumes correct filesystem and options:

/dev/mapper/luks-somelongUUID	/some/mountpoint	btrfs	compress=zstd,noatime	0 0

Really check over your configuration before rebooting. Incorrect settings in these files can result in an unbootable system. You might even cross-check this with other sources, to verify the process.

See crypttab > Mounting at boot time.