Delayed encrypted partition mount

Gilboa Davara gilboad at
Mon Mar 21 14:22:59 UTC 2011

Hello all,

I routinely encrypt all important partitions on my laptops /
workstations / servers using LUKS both at home and at work.
However, due to the above, I can no longer remotely reboot the machines
(at least the ones that doesn't have a serial console attached) as I'm
required to baby-sit the machine until the password prompt appears.

My question is simple: Given the fact that I rarely encrypt the root,
can I somehow delay the encrypted partition mount to right-before-gdm,
so all the essential services (samba, nfs, cups) - especially network
and sshd, will be up, so I can remotely type the password required to
mount the encrypted partitions?

I could delete the entries from /etc/cryptab, create a service that will
mount the partitions late in the boot process, but AFAIK, this will not
display the graphical password prompt making it less than ideal...

- Gilboa

More information about the devel mailing list