LUKS Passphrase Prompt Is Hidden

Project:Trisquel
Version:8.0
Component:Installer
Category:bug report
Priority:normal
Assigned:Unassigned
Status:active
Description

I found a glitch with the netinstall for Trisquel 8.

Using http://jenkins.trisquel.info/makeiso/iso/RC/trisquel-netinst_8.0-20180405_amd64.iso

It seems specific to full disk encryption (well, not "full" but from the option you'd select to "use entire disk and set up encrypted LVM".) So /boot is not encrypted.

After the installation is completed and you reboot, the prompt for the LUKS passphrase is hidden behind libreboot's boot picture of a penguin hugging a GNU. The workaround seems to be to wait for the disk activity to stop, thereby indicating you're at the passphrase prompt. Then the passphrase can still be typed blindly and hit enter. It then boots normally.

Sat, 04/07/2018 - 19:22

I should also add that I've been able to confirm that this does not happen when using the live ISO and installing from that, even when also using the option for disk encryption. It's somehow specific to the netinstall image.

Fri, 04/13/2018 - 04:26
Status:active» needs more info

I can't reproduce this with the RC1 i686 netinstall because as with previous versions it is not in ISOLINUX format and Libreboot doesn't have a default entry to boot it. Thus perhaps there is a bug in that quidam's mods to makeiso might be resulting in an ISOLINUX amd64 which you can boot. Therefore can you please clarify which libreboot release you are using, what media you booted from and how including any custom grub lines? And on what hardware?

In general though I'll point out that the libreboot supported way to install encrypted Trisquel in textmode is with the full DVD as per libreboot's docs here

https://libreboot.org/docs/gnulinux/encrypted_trisquel.html

Which you have done successfully.

Fri, 04/13/2018 - 04:09

Computer: ThinkPad R400

Libreboot version: 20160907

Booting from: USB

Custom GRUB lines? I don't do anything custom. The installer gets booted from the libreboot boot menu by selecting "Search for GRUB2 configuration on external media." Once it's installed I don't do anything; it boots automatically.

I haven't done the stuff at https://libreboot.org/docs/gnulinux/encrypted_trisquel.html. The purpose of that guide is to *also* have /boot encrypted. The usual method inside the text installer when you select "Use entire disk and set up encrypted LVM" leaves /boot unencrypted. This is done for compatibility with proprietary boot firmware which can't read an encrypted boot. Libreboot can though so people *can* encrypt /boot if they want to. But having an encrypted /boot is not important to me so I don't do it. I just select "Use entire disk and set up encrypted LVM" and leave /boot unencrypted.

That should also make the bug easier to work with because there isn't any odd set up going on with the disk; "Use entire disk and set up encrypted LVM" is part of the installer and should be set up the same way anytime anyone selects that option on any machine.

Fri, 04/13/2018 - 05:22

Then we're left with can't recreate on a libreboot (r20160907) Thinkpad x60s (i686) because it doesn't appear to find the grub.cfg on external media. However, subsequent behavior suggests a buffer overwrite may have occurred as libreboot won't software shutdown the machine.

Fri, 04/13/2018 - 11:54

Interesting, because I also do this on my X60s which is 32-bit.
i.e, I've always done the "use entire disk and set up encrypted LVM"
Although I haven't tried Trisquel 8 on it specifically yet because the LCD on the X60s is cracked and I have not replaced it yet.

Fri, 04/13/2018 - 11:56

Although I should also say that, when using the graphical installer, I'm also using that same option ("use entire disk and set up encrypted LVM") so the disk partitioning method should be the same regardless of installer used. That makes me doubt that the disk set up itself is the problem.

Sat, 05/05/2018 - 11:37
Status:needs more info» active

Correcting status. I don't have access to the equipment needed to recreate this, and it needs a developer who does.

Fri, 06/22/2018 - 21:22

I think that I have the same issue.

1. I first tried by installing with the Graphical Install from a live USB (which I created by =dd if=...iso of=/dev/sdX=) with Trisquel 8. I selected the full disk encryption with LVM. I get a nice pop-up at booting time asking me for the password. However, the password is not read. I did [CTRL] + [ALT] + [F1], [F2], etc., and I can see the password on [CTRL] + [ALT] + [F7]. The system never boots.

2. I tried with Trisquel 7, and the process worked well. I did not have a fancy pop-up, but I could type the password and the system boots well.

3. I updated the previous install doing the os-release-upgrade (or something like that on the terminal; I had to reinstall trisquel-release-upgrader-{core,gtk}), and the problem from 1 repeats itself.

I already killed the installation. But I have tried in many ways to do 1, and it is always like that.

Wed, 07/04/2018 - 08:03

When the GRUB screen shows up, edit the entry (hit letter e on your keyboard), and delete quiet splash $vt_handoff from the line which starts with linux.

There are two options: you get a lot of verbose on your screen, followed by a password prompt in terminal (and you recover your sanity) or you get a blank screen. If you get a blank screen, wait for a similar amount of time that you normally would to decipher the drive, then type your password (hopefully you have the right keyboard distribution). The system will continue with the normal start-up process.

If the waiting time is excessive, this workaround did not work for you.