The L5 has only about 30G of memory. I want to extend it with an SD card. However, I want the SD card to be encrypted (luks container). To this end, inserted an SD card and encrypted it
cryptsetup luksFormat /dev/sda
Then, I copied the /etc/crypttab entry for crypt_root to another line, changed the name to crypt_sd, updated the UUID, and added nofail to the options.
crypt_root UUID=[root uuid here] none luks,discard,keyscript=/usr/share/initramfs-tools/scripts/osk-sdl-keyscript,initramfs
crypt_sd UUID=[sd uuid here] none nofail,luks,discard,keyscript=/usr/share/initramfs-tools/scripts/osk-sdl-keyscript,initramfs
At boot, I get a screen to put in my passphrase for the root partition. I put this in, and then I am presented with ANOTHER password screen, but only for about 0.2 seconds. This screen goes away and I get some tty-esque text output which is asking for a passphrase for about 1 second before it boots normally.
It seems like it decrypts root normally, but doesn’t give me enough time to type the passphrase for the sd card. Then, it boots normally ignoring the failed decrypt.
Has anyone gotten encrypted sd cards to open at boot? If so, How did you do it? Is there something wrong with my crypttab entry above?