Home > Uncategorized > Reinstalling Debian on Existing LUKS+LVM Partition

Reinstalling Debian on Existing LUKS+LVM Partition

Today, I reinstalled Debian on an external hard disk with a LUKS+LVM encrypted volume. Two requirements:

  • I did not want my /home logical volume touched.
  • I did want all other logical volumes to be formatted.

While I recall doing this years ago without much trouble, the current Wheezy Debian installer took some tinkering.

When I got to the partitioning screen, my encrypted volume was not detected. (I found this a little odd, because if I booted the USB stick I was using in rescue mode, I was automatically prompted for my password.)

Moreover, when I switched to another VC to mount the volume manually, I found that cryptsetup was not available. http://wiki.debian.org/DebianInstaller/Rescue/Crypto was helpful, but it did not quite do the trick. (I tried to update the page, but I could not seem to recover my old account. Will have to save that for another day.) The following worked for me:

# anna-install cryptsetup-udeb partman-crypto-dm
# depmod -a
# cryptsetup luksOpen /dev/sdc1 asdf
# vgchange -ay asdf

Then, I went back to the installation VC, and asked it to configure the logical volume manager. Until I did this, it would not detect the existing file systems on the logical volumes. I was then able to select which LVs to format and which to keep, as well as where to mount everything.

(By the way, I was installing over WPA-encrypted wifi and found it necessary to manually install wicd-curses during setup. None of my wifi settings were saved during installation, so the initial boot did not have internet access. I could not find networkmanager either and am too impatient for wpa_passphrase. All of this may have been the result of only installing the standard system utilities task.)

At any rate, the installation unfortunately did not write /etc/crypttab (and then generate initramfs) for me like it does when you create and install a new LUKS+LVM during a typical installation. Therefore, grub gave me an error on the initial boot and I had to manually unencrypt and activate the LVs.

# cryptsetup luksOpen /dev/sdb1 asdf
# vgchange -ay asdf

Then ctrl+d to start the boot process. Once it has booted, I edited /etc/crypttab and added something like the following:

asdf UUID=[UUID of physical device holding LUKS+LVM partition] none luks

Then I regenerated initramfs

# update-initramfs -u -k all

Everything worked fine for me on reboot. HTH

Advertisements
Categories: Uncategorized
  1. January 31, 2014 at 3:10 am

    Thanks a lot, excellent post, you really helped me out! Strange that the Debian installer does not provide an easier way to re-use encrypted LVs.

    (Incidentally, I first followed your guide using a daily snapshot of the Testing install cd instead, but then upon reboot I was met with a seemingly unrelated grub error complaining about a missing normal.mod file.This also occurs when I run the installation from the Wheezy cd and dist-upgrade to Testing afterwards.)

    Two comments: (1) I think it should be partman-crypto-dm, not partman-crypt-dm (mind the “o”) and (2) it should be update-initramfs -u -k all, not update-initramfs -u -k -all (mind the dash).

    • s01ac3
      January 31, 2014 at 10:31 am

      I’m glad to hear it helped. Thank you kindly for the revisions.

  2. January 31, 2014 at 5:29 am

    Apparently the grub error was caused by my boot partition being ext2. I reformatted it as ext3 in the Testing installer and now everything is well.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: