I am in need of assistance with installing Fedora 41 while utilizing a detached LUKS header.
I have the same problem as the user of this thread.
I just recently started using fedora and linux and I have little experience yet.
I couldn’t find any instructions on the Internet that are suitable for fedora 41.
Also, I couldn’t move the /boot partition together with the luks header to a separate USB drive.
upd. I successfully got the UUID via the lsblk -f command
Please tell me how to correctly register the disk in
/etc/crypttab
Is it necessary to register the UUID of the encrypted disk here and add the path to the header location at the end?
Are you using a LUKS partition with detached header? If so, I would first make sure the encrypted partition can opened and mounted manually:
# Open luks device
sudo cryptsetup open /dev/your-partition your-mapping-name --header=/path-to-your-header
# Mount device
sudo mount /dev/mapper/your-mapping-name /your-mount-point
In your troubleshooting efforts you could use the nofail flag in /etc/fstab, so that at least an unsuccessful mount wouldn’t block you from booting into a graphical session.
Presuming it’s not the root partition you’re trying to encrypt with a detached header, as a workaround you could remove the fstab and crypttab entries, and open/mount the encrypted device each time after logging in to a graphical session. A bash alias might make things a bit easier.
Well, a functional encrypted root partition with non-detached header is still better (from my point of view), than a non-working encrypted partition with detached header.
You might want to go with a default/automatic installation (LUKS encrypted), until you figure out how to work with detached headers (maybe even trying with a non-system partitions first).