I just installed Fedora 30 for the first time and enabled disk encryption in the process. Everything worked fine until I actually tried to boot. My password did not work. Its quite improbable that I did the same typo twice during the installation, but just to make sure, I reinstalled anyway. The problem persists.
Is this a keyboard issue? Or what could be going on here?
I did indeed use another keyboard layout for the install (German T3). I also considered this being the problem, but tried and failed to log in entering my password based on a US keyboard layout. I did not include that in my initial post, because Fedora informs the user during installation that the layout used for entering the password during installation would always be used to enter the password for decryption.
But if special characters problematic in general, I will try a new installation setting a password without them.
I installed F30 Workstation Live using German T3 layout, and it seems there is something wrong in the keymap. Indeed even entering my password based on a US keyboard layout it doesn’t work. In the other hand, selecting another keymap (I tried Italian and French), it works.
The difference is quite simple. The numbers you see beside each one is Linux kernel version. Fedora by default keeps three kernel versions (newest + two previous ones), and if newest kernel gives you some trouble, you can always boot into previous (presumable working) one. This has helped me several times.
The kernel is like the heart of your system, and it’s very important. I don’t think I can give simple and good enough description if you have absolutely no idea, what’s an OS’es kernel is. There’s definitely a wikipedia article and maybe some other good explanations in the net though.
So when you choose an older boot option, you boot with older kernel – but all the other updates you’ve installed are active and being used.
In general – when all works ok – you should use the latest kernel available to you, as kernel’s updates contain bugfixes and various other fixes, and even newer hardware support.
Hope this’ll help you to understand your system a little better. If explanation isn’t clear enough, ask, I’ll try to provide you with additional details.
Also you may add additional passwords to your already encrypted drive. Here’s some details:
It says that you can have up to 8 passwords/keys (I’ve used two).
The command you need is
sudo cryptsetup luksAddKey /dev/sdaX
sdaX should be your LUKS partition. More details are in the article.
Please be careful, you can loose access to you encrypted data if you seriously mess the passwords. Though just adding new LUKS password doesn’t invalidate old one, they are used simultaneously (and you need only one of them to decrypt the drive), there are commands to delete password and possible change exiting ones.
The idea is this: first you ensure you use English US layout, then you add new password to your LUKS drive/partition, then test if new one works upon reboot.
Yes, exactly. You can postpone your updates until you resolve your password problem.
And the possibility is high it’s just a keyboard layout problem. You need to determine, which layout is used upon boot when you enter your LUKS password, and provide LUKS with additional password in this layout. Then – after you test it and 100% sure it works – you can remove glitchy/confusing password entry (or entries).
Hi @jorise! Welcome to Ask Fedora! Please have a look at the introductory posts in the #start-here category if you haven’t had a chance to do so.
Even if the layout problem is unlikely, I’d suggest adding second key in kernel 5.0.9 (where it all works) – maybe something really simple, maybe even just with numbers alone (I know it’s very insecure, but please keep with me for a moment) – and then testing this new key in a 5.2 kernel.
You can (and really should!) delete or change this insecure second passphrase after trying it (whether it works or not).
If this numbers-only passphrase works – then obviously the issue was with original passphrase (however unlikely). If it doesn’t work – then the issue is with something else. In such a case I suggest you open a separate topic, ping me from it – and we’ll try to troubleshoot it together (others will help too, I’m sure).
Same problem here. The cause is in the installer, I suppose, when you enter special characters it discards them. The solution to boot on a newly installed system is to enter the same passphrase but omit the special characters. For an updated system I don’t know if it will work …
Hi @iranzoferri , welcome to the Fedora community!
If you’ve not had a chance yet, please look at the #start-here category. It has some very useful information on using the forum and tips on Fedora usage.
On your issue I have to disagree. Special characters are certainly not discarded when entering a LUKS password in the installer. However, you need to be aware that your keyboard layout may still be EN_US during the installer while your physical keyboard may be different and that may mess things up if characters of keymap and keyboard don’t align.
The best is to choose the right keyboard layout in the installer.
And finally, there is is this long standing, and if unknown, annoying bug that when you change your keyboard layout, it also changes the keyboard layout for plymouth (startup/disk encryption) But only after the next kernel update (when initramfs is being rebuild).
Meaning: while you think you have a new keymap, the disk encryption dialog be still be on the old keymap (for instance EN_US) until you install a new kernel…