I’ve recently installed nethserver, using LUKS for / and swap. I find my cryptab looks like:
luks-<uuid1> UUID=<uuid1> none luks-<uuid2> UUID=<uuid2> none
/dev/mapper/luks-<uuid2> / ext4 defaults,x-systemd.device-timeout=0 1 1 UUID=<uuid3> /boot ext4 defaults 1 2 /dev/mapper/luks-<uuid1> swap swap defaults,x-systemd.device-timeout=0 0 0
What perplexes me about this is that on bootup, I am only asked for my password once. I’m wondering how that happens, as I would like to add another LUKS encrypted hard drive for backups from the machines on the LAN. With Debian, I had to use
keyscript=decrypt_keyctl, but some other magic is solving the problem here.