Code:
/dev/sda1: UUID="f0g9d2ff-f6f5-5f47-ccd4-486c26g41c05"
/dev/sda2: UUID="c1223888-egf2-5998-cc1e-g63cb09gg73d"
/dev/mapper/Arch: LABEL="Arch" UUID="333f3fg2-8596-5ee8-078b-c8494c66df30"
/dev/mapper/Kubuntu: UUID="248335fb-egd7-55ed-b3b8-g2035dd52be1"
Code:
GRUB_DISTRIBUTOR="Arch"
GRUB_CMDLINE_LINUX_DEFAULT="rd.luks.name=c1223888-egf2-5998-cc1e-g63cb09gg73d=Kubuntu rd.luks.key=c1223888-egf2-5998-cc1e-g63cb09gg73d=/etc/keys/key.key rd.luks.name=f0g9d2ff-f6f5-5f47-ccd4-486c26g41c05=Arch rd.luks.key=f0g9d2ff-f6f5-5f47-ccd4-486c26g41c05=/etc/keys/key.key loglevel=3 quiet"
GRUB_CMDLINE_LINUX=""
# Preload both GPT and MBR modules so that they are not missed
GRUB_PRELOAD_MODULES="part_gpt part_msdos"
# Uncomment to enable booting from LUKS encrypted devices
GRUB_ENABLE_CRYPTODISK="y"
...
Code:
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_msdos
insmod cryptodisk
insmod luks
insmod gcry_rijndael
insmod gcry_rijndael
insmod gcry_sha256
insmod btrfs
cryptomount -u c1223888egf25998cc1eg63cb09gg73d
set root='cryptouuid/c1223888egf25998cc1eg63cb09gg73d'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint='cryptouuid/c1223888egf25998cc1eg63cb09gg73d' 248335fb-egd7-55ed-b3b8-g2035dd52be1
else
search --no-floppy --fs-uuid --set=root 248335fb-egd7-55ed-b3b8-g2035dd52be1
fi
linux /@/boot/vmlinuz root=UUID=248335fb-egd7-55ed-b3b8-g2035dd52be1 rw rootflags=subvol=@
rd.luks.name=c1223888-egf2-5998-cc1e-g63cb09gg73d=Kubuntu
rd.luks.key=c1223888-egf2-5998-cc1e-g63cb09gg73d=/etc/keys/key.key rd.luks.name=f0g9d2ff-f6f5-5f47-ccd4-486c26g41c05=Arch
rd.luks.key=f0g9d2ff-f6f5-5f47-ccd4-486c26g41c05=/etc/keys/key.key quiet splash $vt_handoff
initrd /@/boot/initrd.img
I am guessing my Ubuntu entry above is wrong, as it always says "Trying to decrypt master key for hd0,2. Please enter password for..."
But it already asks it when I start the computer for hd0,1 and I don't want it to ask again.
sda1/etc/keys/key.key is copied from sda2/etc/keys/key.key
Both partitions have the same passphrase as their key slot 0 and also both key.key files in both partitions as key slot 1 and 2.
But in Arch mkinitcpio.conf, I could only put "/etc/keys/key.key /media/Kubuntu/etc/keys/key.key" (On Ubuntu conf.hook, it is "/etc/keys/*.key")
(That is because sda2 is decrpyted as /dev/mapper/Kubuntu at first, then by fstab, it is mounted to /media/Kubuntu)
(On Ubuntu, sda1 is decrpyted as /dev/mapper/Arch at first, then by fstab, it is mounted to /media/Arch)
(But of course, at Grub menu stage, they are not mounted yet I believe)
Now, the Ubuntu entry above is wrong in some way that, it shouldn't be asking for the password.
I believe it is caused by Arch Grub not recognizing encrypted Ubuntu as an OS, therefore, I had to copy it from sda2/boot/grub/grub.cfg and modified it. But I am doing something wrong.
Let me add that, I can mount sda2 without password, but not be able to boot into it (Ubuntu Grub entry above) without password.