So I was using Endeavour with the following config:
Separate efi partition fat32
Separate /boot partition btrfs - LUKS
Separate / partition btrfs - LUKS
Separate /home partition btrfs - LUKS
And I accidentally bricked my system.
Now I went to reinstall and I wanted to reformat efi /boot and / partitions again in similar setup (this time installer chose LUKS2) while keeping /home partition intact.
However I’m having a problem with the installer when I select the old /home partition to be the new /home partition and enter passphrase. The installer says that it can’t decrypt the partition with the given passphrase.
I’m sure the passphrase is correct and I also confirmed it inside gparted.
How should I proceed?
Edit: As a temporary solution I managed to install EnOS by first opening encryption of /home partition in gparted and then running the installer (The installer didn’t ask for the passphrase for this partition this time). Although I think this results in the partition being essentialy unencrypted all the time? I’m still looking for a proper solution.
this was reusing the partition?
Separate efi partition fat32
Separate /boot partition btrfs - LUKS
Separate / partition btrfs - LUKS
Separate /home partition btrfs - LUKS
and you added the old open /home in manual partition mounted as /home? not sure if i understand correctly.. but in general, if an encrypted partition got mounted it will ask for passphrase.. in case using a keyfile it is possible to add multiple partitions keys into that and you only need to insert passhrase one time on boot.
and welcome 
, no clue why no one was aswering your post before.. could be encryption is scary 
Well encryption is a bit scary 
I was reusing. I’m not sure if there was a keyfile before the reinstall, however I was only prompted for passphrase once.
While reinstalling after I opened the partition in gparted the installer no longer asked me for the passphrase to the partition, and after the install it only asks for passphrase once so either it somehow automagically figured out what it needs to do, or the partition stayed open permanently (if that’s even possible).
Ahhh, so apparently, if I use the same passphrase for all partitions they would get unlocked with single passphrase even without keyfile?
That could explain why everything works even without specifying the passphrase in the installer.
My /etc/crypttab looks like this
# <name> <device> <password> <options>
luks-1c613246-29af-4145-b36e-3fb8b0b211da UUID=1c613246-29af-XXX none luks
luks-977c145e-e781-4caf-bcda-840531084420 UUID=977c145e-e781-XXX none luks
nvme0n1p7_crypt UUID=1963e9f8-41b7-42e4-a9c0-XXX none luks
(The last partition is the one I’m in doubt with)
I would appreciate if somebody could confirm if that’s the case / if the config seems ok, since I’m not that familiar with cryptsetup and I’m not sure.
on the same session it will not lock the containment without locking or unmounting it. Seems that does not happen so installer uses the unlocked partition detecting that it is LUKS.
(the actual uuids should not get posted public)
Your lsblk -f and /etc/fstab` could give a hint.. (remove parts of the UUIDS in case posting)