1

I installed Debian 9 on a VPS and configured the root partition to be encrypted. However, due to the installer giving me trouble when attempting to encrypt, I had to do this manually.

To be able to unlock the root partition via SSH during boot I also installed dropbear-initramfsand updated the initramfs using update-initramfs -u. On boot, I am now able to connect to the dropbearserver.

After the login process, cryptroot-unlock (which is invoked automatically when logging in via SSH) fails with the following error message:

Error: Timeout reached while waiting for askpass.

and closes the connection.

I didn't find anything on this exact error message on the web and tried to make sure I didn't make any config mistakes, but nothing seemed to help so far.

At the moment, I am able to chroot into the system using a rescue live system; what can I do to fix this error?

Julian Eckhardt
  • 31
  • 1
  • 5

1 Answers1

2

I was able to fix the problem myself, but maybe someone else runs into the same problem, so I'll post the solution here:

As it turns out, my /etc/crypttab had syntax errors, which led to askpass(amongst others) not being included in the initramfs when running update-initramfs -u.

For me, it was enough to add each separate logical volume into /etc/crypttab instead of the volume group as a whole. Here's an example:

#name       underlying device       passphrase  cryptsetup options
vg-root     /dev/mapper/vg-root     none        luks,retry=1
vg-swap     /dev/mapper/vg-swap     none        luks,retry=1

After updating your initramfs once again your system should ask for the logical volume passphrases on startup and then resume booting normally.

Julian Eckhardt
  • 31
  • 1
  • 5