svartkanin
commented
2 weeks ago According to the logs the encryption was selected for /home and also setup correctly.
Can you share the output for lsblk -J -O from the installed system
Open onekum opened 2 weeks ago
svartkanin
commented
2 weeks ago According to the logs the encryption was selected for /home and also setup correctly.
Can you share the output for lsblk -J -O from the installed system
onekum
commented
2 weeks ago Upon booting into the desktop, it appears that the /home partition is recognized as encrypted through the file explorer, but it is permanently unlocked, defeating the purpose of the encryption altogether. I rebooted countless times to see if a decryption prompt would ever show up on boot, but it doesn't; despite this, I can access the /home directory without any authentication.
Here's the output of lsblk -J -O:
{
"blockdevices": [
{
"alignment": 0,
"id-link": "wwn-0x5000c500aa9af812",
"id": "0x5000c500aa9af812",
"disc-aln": 0,
"dax": false,
"disc-gran": "4K",
"disk-seq": 1,
"disc-max": "0B",
"disc-zero": false,
"fsavail": null,
"fsroots": [
null
],
"fssize": null,
"fstype": null,
"fsused": null,
"fsuse%": null,
"fsver": null,
"group": "disk",
"hctl": "0:0:0:0",
"hotplug": false,
"kname": "sda",
"label": null,
"log-sec": 512,
"maj:min": "8:0",
"maj": "8",
"min": "0",
"min-io": 4096,
"mode": "brw-rw----",
"model": "ST2000LM007-1R8174",
"mq": " 1",
"name": "sda",
"opt-io": 0,
"owner": "root",
"partflags": null,
"partlabel": null,
"partn": null,
"parttype": null,
"parttypename": null,
"partuuid": null,
"path": "/dev/sda",
"phy-sec": 4096,
"pkname": null,
"pttype": "gpt",
"ptuuid": "273c1279-e312-4b61-9e34-ef41d8e01d4f",
"ra": 128,
"rand": true,
"rev": "SDM2",
"rm": false,
"ro": false,
"rota": true,
"rq-size": 64,
"sched": "mq-deadline",
"serial": "WDZ6S61R",
"size": "1.8T",
"start": null,
"state": "running",
"subsystems": "block:scsi:pci",
"mountpoint": null,
"mountpoints": [
null
],
"tran": "sata",
"type": "disk",
"uuid": null,
"vendor": "ATA ",
"wsame": "0B",
"wwn": "0x5000c500aa9af812",
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0,
"children": [
{
"alignment": 0,
"id-link": "wwn-0x5000c500aa9af812-part1",
"id": "0x5000c500aa9af812-part1",
"disc-aln": 0,
"dax": false,
"disc-gran": "4K",
"disk-seq": 1,
"disc-max": "0B",
"disc-zero": false,
"fsavail": "866.4M",
"fsroots": [
"/"
],
"fssize": "1022M",
"fstype": "vfat",
"fsused": "155.6M",
"fsuse%": "15%",
"fsver": "FAT32",
"group": "disk",
"hctl": null,
"hotplug": false,
"kname": "sda1",
"label": null,
"log-sec": 512,
"maj:min": "8:1",
"maj": "8",
"min": "1",
"min-io": 4096,
"mode": "brw-rw----",
"model": null,
"mq": " 1",
"name": "sda1",
"opt-io": 0,
"owner": "root",
"partflags": null,
"partlabel": null,
"partn": 1,
"parttype": "c12a7328-f81f-11d2-ba4b-00a0c93ec93b",
"parttypename": "EFI System",
"partuuid": "43362379-24f2-40ff-b582-0994aded9683",
"path": "/dev/sda1",
"phy-sec": 4096,
"pkname": "sda",
"pttype": "gpt",
"ptuuid": "273c1279-e312-4b61-9e34-ef41d8e01d4f",
"ra": 128,
"rand": true,
"rev": null,
"rm": false,
"ro": false,
"rota": true,
"rq-size": 64,
"sched": "mq-deadline",
"serial": null,
"size": "1G",
"start": 2048,
"state": null,
"subsystems": "block:scsi:pci",
"mountpoint": "/boot",
"mountpoints": [
"/boot"
],
"tran": null,
"type": "part",
"uuid": "714C-79CE",
"vendor": null,
"wsame": "0B",
"wwn": "0x5000c500aa9af812",
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0
},{
"alignment": 0,
"id-link": "wwn-0x5000c500aa9af812-part2",
"id": "0x5000c500aa9af812-part2",
"disc-aln": 0,
"dax": false,
"disc-gran": "4K",
"disk-seq": 1,
"disc-max": "0B",
"disc-zero": false,
"fsavail": "12.4G",
"fsroots": [
"/"
],
"fssize": "19.5G",
"fstype": "ext4",
"fsused": "6.1G",
"fsuse%": "31%",
"fsver": "1.0",
"group": "disk",
"hctl": null,
"hotplug": false,
"kname": "sda2",
"label": null,
"log-sec": 512,
"maj:min": "8:2",
"maj": "8",
"min": "2",
"min-io": 4096,
"mode": "brw-rw----",
"model": null,
"mq": " 1",
"name": "sda2",
"opt-io": 0,
"owner": "root",
"partflags": null,
"partlabel": null,
"partn": 2,
"parttype": "0fc63daf-8483-4772-8e79-3d69d8477de4",
"parttypename": "Linux filesystem",
"partuuid": "8d9feaa4-b76d-462a-8f3b-5a14d51652ed",
"path": "/dev/sda2",
"phy-sec": 4096,
"pkname": "sda",
"pttype": "gpt",
"ptuuid": "273c1279-e312-4b61-9e34-ef41d8e01d4f",
"ra": 128,
"rand": true,
"rev": null,
"rm": false,
"ro": false,
"rota": true,
"rq-size": 64,
"sched": "mq-deadline",
"serial": null,
"size": "20G",
"start": 2099200,
"state": null,
"subsystems": "block:scsi:pci",
"mountpoint": "/",
"mountpoints": [
"/"
],
"tran": null,
"type": "part",
"uuid": "30425400-daff-44f1-ad41-6a818abec523",
"vendor": null,
"wsame": "0B",
"wwn": "0x5000c500aa9af812",
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0
},{
"alignment": 0,
"id-link": "wwn-0x5000c500aa9af812-part3",
"id": "0x5000c500aa9af812-part3",
"disc-aln": 0,
"dax": false,
"disc-gran": "4K",
"disk-seq": 1,
"disc-max": "0B",
"disc-zero": false,
"fsavail": null,
"fsroots": [
null
],
"fssize": null,
"fstype": "crypto_LUKS",
"fsused": null,
"fsuse%": null,
"fsver": "2",
"group": "disk",
"hctl": null,
"hotplug": false,
"kname": "sda3",
"label": null,
"log-sec": 512,
"maj:min": "8:3",
"maj": "8",
"min": "3",
"min-io": 4096,
"mode": "brw-rw----",
"model": null,
"mq": " 1",
"name": "sda3",
"opt-io": 0,
"owner": "root",
"partflags": null,
"partlabel": null,
"partn": 3,
"parttype": "0fc63daf-8483-4772-8e79-3d69d8477de4",
"parttypename": "Linux filesystem",
"partuuid": "01af6c2b-462e-4045-85d2-e08fb31e5bd7",
"path": "/dev/sda3",
"phy-sec": 4096,
"pkname": "sda",
"pttype": "gpt",
"ptuuid": "273c1279-e312-4b61-9e34-ef41d8e01d4f",
"ra": 128,
"rand": true,
"rev": null,
"rm": false,
"ro": false,
"rota": true,
"rq-size": 64,
"sched": "mq-deadline",
"serial": null,
"size": "1.8T",
"start": 44042240,
"state": null,
"subsystems": "block:scsi:pci",
"mountpoint": null,
"mountpoints": [
null
],
"tran": null,
"type": "part",
"uuid": "6dda5baf-ad14-42f9-93ab-3fe380150d9a",
"vendor": null,
"wsame": "0B",
"wwn": "0x5000c500aa9af812",
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0,
"children": [
{
"alignment": 0,
"id-link": "dm-name-ainstsda3",
"id": "name-ainstsda3",
"disc-aln": 0,
"dax": false,
"disc-gran": "0B",
"disk-seq": 6,
"disc-max": "0B",
"disc-zero": false,
"fsavail": "1.7T",
"fsroots": [
"/"
],
"fssize": "1.8T",
"fstype": "ext4",
"fsused": "46M",
"fsuse%": "0%",
"fsver": "1.0",
"group": "disk",
"hctl": null,
"hotplug": false,
"kname": "dm-0",
"label": null,
"log-sec": 4096,
"maj:min": "254:0",
"maj": "254",
"min": "0",
"min-io": 4096,
"mode": "brw-rw----",
"model": null,
"mq": "1",
"name": "ainstsda3",
"opt-io": 0,
"owner": "root",
"partflags": null,
"partlabel": null,
"partn": null,
"parttype": null,
"parttypename": null,
"partuuid": null,
"path": "/dev/mapper/ainstsda3",
"phy-sec": 4096,
"pkname": "sda3",
"pttype": null,
"ptuuid": null,
"ra": 128,
"rand": false,
"rev": null,
"rm": false,
"ro": false,
"rota": true,
"rq-size": null,
"sched": null,
"serial": null,
"size": "1.8T",
"start": null,
"state": "running",
"subsystems": "block",
"mountpoint": "/home",
"mountpoints": [
"/home"
],
"tran": null,
"type": "crypt",
"uuid": "181770cb-195f-4d50-9932-3f682bc5df4b",
"vendor": null,
"wsame": "0B",
"wwn": null,
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0
}
]
}
]
},{
"alignment": 0,
"id-link": "usb-SanDisk_Cruzer_Dial_4C530001280509117173-0:0",
"id": "SanDisk_Cruzer_Dial_4C530001280509117173-0:0",
"disc-aln": 0,
"dax": false,
"disc-gran": "512B",
"disk-seq": 4,
"disc-max": "0B",
"disc-zero": false,
"fsavail": null,
"fsroots": [
null
],
"fssize": null,
"fstype": "iso9660",
"fsused": null,
"fsuse%": null,
"fsver": "Joliet Extension",
"group": "disk",
"hctl": "2:0:0:0",
"hotplug": true,
"kname": "sdb",
"label": "ARCH_202405",
"log-sec": 512,
"maj:min": "8:16",
"maj": "8",
"min": "16",
"min-io": 512,
"mode": "brw-rw----",
"model": "Cruzer Dial",
"mq": " 1",
"name": "sdb",
"opt-io": 0,
"owner": "root",
"partflags": null,
"partlabel": null,
"partn": null,
"parttype": null,
"parttypename": null,
"partuuid": null,
"path": "/dev/sdb",
"phy-sec": 512,
"pkname": null,
"pttype": "dos",
"ptuuid": "8da10534",
"ra": 128,
"rand": true,
"rev": "1.00",
"rm": true,
"ro": false,
"rota": true,
"rq-size": 2,
"sched": "mq-deadline",
"serial": "4C530001280509117173",
"size": "29.3G",
"start": null,
"state": "running",
"subsystems": "block:scsi:usb:pci",
"mountpoint": null,
"mountpoints": [
null
],
"tran": "usb",
"type": "disk",
"uuid": "2024-05-01-17-04-31-00",
"vendor": "SanDisk ",
"wsame": "0B",
"wwn": null,
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0,
"children": [
{
"alignment": 0,
"id-link": "usb-SanDisk_Cruzer_Dial_4C530001280509117173-0:0-part1",
"id": "SanDisk_Cruzer_Dial_4C530001280509117173-0:0-part1",
"disc-aln": 0,
"dax": false,
"disc-gran": "512B",
"disk-seq": 4,
"disc-max": "0B",
"disc-zero": false,
"fsavail": null,
"fsroots": [
null
],
"fssize": null,
"fstype": "iso9660",
"fsused": null,
"fsuse%": null,
"fsver": "Joliet Extension",
"group": "disk",
"hctl": null,
"hotplug": true,
"kname": "sdb1",
"label": "ARCH_202405",
"log-sec": 512,
"maj:min": "8:17",
"maj": "8",
"min": "17",
"min-io": 512,
"mode": "brw-rw----",
"model": null,
"mq": " 1",
"name": "sdb1",
"opt-io": 0,
"owner": "root",
"partflags": "0x80",
"partlabel": null,
"partn": 1,
"parttype": "0x0",
"parttypename": "Empty",
"partuuid": "8da10534-01",
"path": "/dev/sdb1",
"phy-sec": 512,
"pkname": "sdb",
"pttype": "dos",
"ptuuid": "8da10534",
"ra": 128,
"rand": true,
"rev": null,
"rm": true,
"ro": false,
"rota": true,
"rq-size": 2,
"sched": "mq-deadline",
"serial": null,
"size": "934M",
"start": 64,
"state": null,
"subsystems": "block:scsi:usb:pci",
"mountpoint": null,
"mountpoints": [
null
],
"tran": null,
"type": "part",
"uuid": "2024-05-01-17-04-31-00",
"vendor": null,
"wsame": "0B",
"wwn": null,
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0
},{
"alignment": 0,
"id-link": "usb-SanDisk_Cruzer_Dial_4C530001280509117173-0:0-part2",
"id": "SanDisk_Cruzer_Dial_4C530001280509117173-0:0-part2",
"disc-aln": 0,
"dax": false,
"disc-gran": "512B",
"disk-seq": 4,
"disc-max": "0B",
"disc-zero": false,
"fsavail": null,
"fsroots": [
null
],
"fssize": null,
"fstype": "vfat",
"fsused": null,
"fsuse%": null,
"fsver": "FAT16",
"group": "disk",
"hctl": null,
"hotplug": true,
"kname": "sdb2",
"label": "ARCHISO_EFI",
"log-sec": 512,
"maj:min": "8:18",
"maj": "8",
"min": "18",
"min-io": 512,
"mode": "brw-rw----",
"model": null,
"mq": " 1",
"name": "sdb2",
"opt-io": 0,
"owner": "root",
"partflags": null,
"partlabel": null,
"partn": 2,
"parttype": "0xef",
"parttypename": "EFI (FAT-12/16/32)",
"partuuid": "8da10534-02",
"path": "/dev/sdb2",
"phy-sec": 512,
"pkname": "sdb",
"pttype": "dos",
"ptuuid": "8da10534",
"ra": 128,
"rand": true,
"rev": null,
"rm": true,
"ro": false,
"rota": true,
"rq-size": 2,
"sched": "mq-deadline",
"serial": null,
"size": "144M",
"start": 1912832,
"state": null,
"subsystems": "block:scsi:usb:pci",
"mountpoint": null,
"mountpoints": [
null
],
"tran": null,
"type": "part",
"uuid": "6665-2677",
"vendor": null,
"wsame": "0B",
"wwn": null,
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0
}
]
},{
"alignment": 0,
"id-link": "wwn-0x5001480000000000",
"id": "0x5001480000000000",
"disc-aln": 0,
"dax": false,
"disc-gran": "512B",
"disk-seq": 3,
"disc-max": "0B",
"disc-zero": false,
"fsavail": null,
"fsroots": [
null
],
"fssize": null,
"fstype": null,
"fsused": null,
"fsuse%": null,
"fsver": null,
"group": "optical",
"hctl": "1:0:0:0",
"hotplug": false,
"kname": "sr0",
"label": null,
"log-sec": 512,
"maj:min": "11:0",
"maj": "11",
"min": "0",
"min-io": 512,
"mode": "brw-rw----",
"model": "HL-DT-ST DVD+/-RW GU90N",
"mq": " 1",
"name": "sr0",
"opt-io": 0,
"owner": "root",
"partflags": null,
"partlabel": null,
"partn": null,
"parttype": null,
"parttypename": null,
"partuuid": null,
"path": "/dev/sr0",
"phy-sec": 512,
"pkname": null,
"pttype": null,
"ptuuid": null,
"ra": 128,
"rand": false,
"rev": "A1C2",
"rm": true,
"ro": false,
"rota": true,
"rq-size": 64,
"sched": "mq-deadline",
"serial": "KZRH6R85226",
"size": "1024M",
"start": null,
"state": "running",
"subsystems": "block:scsi:pci",
"mountpoint": null,
"mountpoints": [
null
],
"tran": "sata",
"type": "rom",
"uuid": null,
"vendor": "HL-DT-ST",
"wsame": "0B",
"wwn": "0x5001480000000000",
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0
},{
"alignment": 0,
"id-link": null,
"id": null,
"disc-aln": 0,
"dax": false,
"disc-gran": "4K",
"disk-seq": 5,
"disc-max": "2T",
"disc-zero": false,
"fsavail": null,
"fsroots": [
null
],
"fssize": null,
"fstype": null,
"fsused": null,
"fsuse%": null,
"fsver": null,
"group": "disk",
"hctl": null,
"hotplug": false,
"kname": "zram0",
"label": null,
"log-sec": 4096,
"maj:min": "253:0",
"maj": "253",
"min": "0",
"min-io": 4096,
"mode": "brw-rw----",
"model": null,
"mq": "1",
"name": "zram0",
"opt-io": 4096,
"owner": "root",
"partflags": null,
"partlabel": null,
"partn": null,
"parttype": null,
"parttypename": null,
"partuuid": null,
"path": "/dev/zram0",
"phy-sec": 4096,
"pkname": null,
"pttype": null,
"ptuuid": null,
"ra": 128,
"rand": false,
"rev": null,
"rm": false,
"ro": false,
"rota": false,
"rq-size": null,
"sched": null,
"serial": null,
"size": "3.8G",
"start": null,
"state": null,
"subsystems": "block",
"mountpoint": "[SWAP]",
"mountpoints": [
"[SWAP]"
],
"tran": null,
"type": "disk",
"uuid": null,
"vendor": null,
"wsame": "0B",
"wwn": null,
"zoned": "none",
"zone-sz": "0B",
"zone-wgran": "0B",
"zone-app": "0B",
"zone-nr": 0,
"zone-omax": 0,
"zone-amax": 0
}
]
}
The past few times I've installed with ArchInstall, I designated my
/homepartition to be encrypted, but the script doesn't appear to follow that instruction. My system boots completely as if I had not designated encryption at all. There's not one prompt for a password to decrypt the system; everything boots just fine but unencrypted. Here is my install log.