when he says “We’ll need to edit the GRUB_CMDLINE_LINUX in /etc/default/grub to add all the decryption instructions for systemd to process at boot time”
do i edit that file manually or with a command?
and this next part does he mean i rename the usb drive to “keys” ?
This is the magic bit, which tells systemd where the key is. The key parts (aside from the UUID again):
/my.luks.key
This is the path to the key file relative to the USB stick, not the full path when mounted. So /my.luks.key instead of /mnt/keys/my.luks.key.
LABEL=keys
This is an identifier for the filesystem that contains the keys. I labelled the filesystem on my drive as “keys”.
and this command is it still the correct way? article is a few years old
sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
and i think this command is how i broke my grub so it does not use the most up to date kernel i have to click down to the right kernel before booting, i used that command recently on a project and i made a post today about my broken grub here as well, thanks for any help, much appreciated
Did you read the guide linked to in the other thread?
The steps are clearly spelled out.
Just to simplify that there are 3 different file names that can be used with grub2-mkconfig to update the proper file.
/etc/grub2.cfg
/etc/grub2-efi.cfg
/boot/grub2/grub.cfg
The first 2 located in /etc are links to the third, so any of those can replace FILENAME in this command and have exactly the same effect. grub2-mkconfig -o FILENAME
ok i followed the guide and updated grub correctly and still no luck, when i boot pc it asks for full disk encryption password even tho the usb is plugged in with a keyfile on it and added to luks as a new key slot, what am i doing wrong ?