Prepare:
- Bootable Linux USB. Parrot is recommended
- Boot into live mode
Update2 + Important note: The name of disk when use cryptsetup must be as same as the name in /etc/crypttab
. Wrong name cause update-grub problem that leads to unable to mount root partition → initramfs shell
This step used the article Repair grub2 + lvm2 + luks encrypted system (Volume group "ubuntu-vg-root" not found)
of Antoine Walter
to fix the issue volume group "luks" not found issue
. The article is at https://blog.anw.fr/2018/09/27/repair-grub2-lvm2-luks-encrypted-system-volume-group-not-found.html
Start
- Mount encrypted SSD
- Unlock encrypted disk
sudo cryptsetup open /dev/nvme0n1p1 disk
→/dev/nvme0n1p1
is partition path of SSD that was mapped on Linux system.disk
is the custom name that we use later. This name is optional - Enter passphrase to unlock disk
- Mount disk to
/mnt
:sudo mount /dev/mapper/disk /mnt
→/dev/mapper/disk
is where unencrypted disk was mapped to.disk
is custom name we set before.
- Get the actual name of disk and reopen it
- Get the name of disk
cat /mnt/@/etc/crypttab
. The output should be similar my screenshot
So the first column, name, is the text we have to use. Save it to your text editorluks-654f5d12-b5c8-46be-8f77-a1ce0bc39398
- Unmount the
/mnt
:sudo umount /mnt
- “Close” the LUKS Partition:
sudo cryptsetup close disk
- Mount the disk with good name and partitions
sudo cryptsetup open /dev/nvme0n1p1 luks-654f5d12-b5c8-46be-8f77-a1ce0bc39398
-
sudo mount /dev/mapper/luks-654f5d12-b5c8-46be-8f77-a1ce0bc39398 /mnt
Now the/mnt
has@
,dev
,@home
,proc
,sys
sudo mount --bind /proc /mnt/@/proc
sudo mount --bind /sys /mnt/@/sys
sudo mount --bind /dev /mnt/@/dev
sudo mount --bind /dev/pts /mnt/@/dev/pts
- chroot
sudo chroot /mnt/@
- Important: grub could have error can’t find the
/boot
partition and so on. In this step, we mount the encrypted disk again IN CHROOT
-(Update) Dont need to open disk again to mountsudo cryptsetup open /dev/nvme0n1p1 disk
-
sudo mount /dev/mapper/luks-654f5d12-b5c8-46be-8f77-a1ce0bc39398 /
(Update2: correct the name of example to fix grup problem)
- Install kernel, update grub, … Commands bellow are examples. User must use correct commands to fix specific problems.
-
sudo apt install linux-image-amd64 --reinstall
NOTICE If user is having a dual-boot machine,grub-install
will shows error can’t find EFI. The solution is to mount boot partition of Windows to/boot/efi
sudo grub-install /dev/nvme0n1
-
sudo grub-update
sudo update-grub
(Is update-initframs required?)