I added an external USB disk for storing snapshots and started out with encrypting the disk assuming it would be very easy to walk away with a whole lot of my data.

That works perfectly fine, except for when the system reboots. It gets stuck even before the Centos splash screen is displayed.

If I unplug the disk and wait until the splash screen is shown before I plug it in everything works fine again.

There is nothing on the disk that is required for the boot. There is only one disk in the boot menu (obviously not the encrypted external one) and booting from anything but this one internal HDD is disabled.

Is this a known weakness or can it be fixed - maybe with a work-around like disabling USB during boot altogether and enabling it later -
that allows starting the system with the disk attached?

-Steffen

If this is the only encrypted disk on the system, edit your GRUB configuration and include "rd_NO_LUKS" in the kernel parameters. The initrd will then no longer probe for LUKS containers.

1 members found this post helpful.

thanks for the quick reply, but this parameter is already present for all options,
e.g., the default boot option has the following:

(..)
title CentOS (2.6.32-696.20.1.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-696.20.1.el6.x86_64 ro root=/dev/mapper/vg_barebones-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=128M rd_LVM_LV=vg_barebones/lv_swap rd_LVM_LV=vg_barebones/lv_root KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-696.20.1.el6.x86_64.img
(..)

or does it need to be added somewhere else?

(the snippet above is from /boot/grub/grub.conf)

-Steffen

That's strange, because I'm running the same version of CentOS with the same situation (encrypted backup disks) and don't have any problem with booting with the disks connected. (Well, it does mess up my usual sda, sdb, ... assignments, so I generally reboot right away, but my system comes up fine.)

I verified that just now to be sure. System came up fine with a disk with two encrypted partitions powered on.

My grub.conf (line breaks added for readability -- not present in actual file):A couple of possibilities come to mind:

• My disk is partitioned. Is yours by any chance unpartitioned and a whole-disk LUKS volume? I've never tested that.
• Is there an entry in /etc/crypttab for that volume? There probably should not be.

1 members found this post helpful.

My drive does not have a partition, I encrypted the entire drive as is. /etc/crypttab is empty.

I'll give it a trial with another drive that is partitioned and encrypted then and update the post when I've done it.