After new Ubuntu 15.04 installation, startup asks for password even though no disk encryption was set up
Solution 1
It's a known issue, should be fixed soon:
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1447282
In short: Under certain circumstances, systemd does not recognize encrpyted swap correctly and prompts for a password which has never been set. Swap is always encrypted in case encryption for home was activated as userdata might be swapped out and then become unencrypted.
Solution 2
This is not the correct solution and as Christian says in the comments bellow it will make it less secure. But if the encryption is not a priority for you you could use this workaround.
First find the partition that has the swap
sudo fdisk -l
[sudo] password for kempe:
Disk /dev/sda: 233,8 GiB, 251000193024 bytes, 490234752 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: gpt
Disk identifier: B59D4149-AC8E-4B71-B51F-8926B2E82C14
Device Start End Sectors Size Type
/dev/sda1 2048 409599 407552 199M EFI System
/dev/sda2 409640 253319775 252910136 120,6G Apple HFS/HFS+
/dev/sda3 253321216 269320191 15998976 7,6G Linux swap
/dev/sda4 269320192 490233855 220913664 105,3G Linux filesystem
In my case swap is on /dev/sda3
then turn off swap
sudo swapoff -a
disable cryptswap
sudo cryptsetup remove /dev/mapper/cryptswap1
Remove the corresponding line in /etc/crypttab. I only had one line in there but you might have more so be sure that you remove the correct on
sudo vim /etc/crypttab
Setup new swap area (remember fstab output)
sudo /sbin/mkswap /dev/sda3
sudo swapon /dev/sda3
and finally fix fstab line
sudo vim /etc/fstab
replace /dev/mapper/cryptswap1
with /dev/sda3
Enable and disable encrypted swap - Ubuntu
Solution 3
I was able to solve this issue with the following steps:
From a command prompt, run gnome-disks
Find which device is your swap drive. Mine was /dev/sda3
ls -l /dev/disk/by-uuid/
Find the ID that is symlinked to your swap partition
sudo vim /etc/crypttab
On the line beginning with cryptswap1, change the UUID=… portion to /dev/disk/by-id/ID-HERE. Save and reboot.
If you are still prompted for a password, run:
sudo dd if=/dev/zero of=/dev/sdaX bs=512 count=20480
Reboot again.
Solution 4
Run sudo fdisk -l
to find swap partition (i.e. /dev/sda6)
Grab UUID in /etc/crypttab or sudo blkid
for /dev/sda6 (replace device with your swap)
Run sudo swapoff /dev/sda6
Run sudo mkswap -U UUID /dev/sda6
(replace UUID and device with your swap)
Append ,offset=1024
to the end of cryptswap line in /etc/crypttab
Add "/dev/mapper/cryptswap1 none swap sw 0 0" to /etc/fstab
Run sudo update-initramfs -u
Run sudo swapon -a
Check swap is active with sudo systemctl status /dev/mapper/cryptswap
Solution 5
This problem still exists even on Ubuntu 15.10. I've made temporarily solution - turned off encryption for the swap partition (home is still encrypted). This guide worked for me in this case. This passphrase request is no longer warring me on booting system and updating software.
Maybe, later I will turn on the encryption of the swap partition back (using the same guide), when I will know, that this bug is fixed.
Related videos on Youtube
timetofly
Updated on September 18, 2022Comments
-
timetofly over 1 year
I installed a brand new SSD into my laptop and did a fresh install of Ubuntu 15.04, with NO system encryption used (only Home directory encryption). However, it still asks me for a password when booting (I just press Enter to skip):
Additionally, after doing the fresh install, upgrading packages also asks me for a password multiple times, which
Enter
also bypasses. The program is "systemd-tty-ask-password-agent", so the issue seems to be with systemd.The relevant message in the terminal:
Please enter passphrase for disk Crucial_CT250MX200SSD4 (cryptswap1) on none! update-initramfs: deferring update (trigger activated) Broadcast message from root@username-XPS-13-9343 (Thu 2015-04-30 22:06:22 EDT): Password entry required for 'Please enter passphrase for disk Crucial_CT250MX200SSD4 (cryptswap1) on none!' (PID 4027). Please enter password with the systemd-tty-ask-password-agent tool!
The full output from running the upgrade:
+username@username-XPS-13-9343:~$ sudo apt-get upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages will be upgraded: ca-certificates firefox gir1.2-gudev-1.0 libcurl3 libcurl3-gnutls libgudev-1.0-0 libnm-glib-vpn1 libnm-glib4 libnm-util2 liboxideqt-qmlplugin liboxideqtcore0 liboxideqtquick0 libpam-systemd libsystemd0 libudev1 network-manager oxideqt-codecs systemd systemd-sysv tzdata udev usb-creator-common usb-creator-gtk wpasupplicant 24 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 47.9 MB/73.2 MB of archives. After this operation, 2,989 kB of additional disk space will be used. Do you want to continue? [Y/n] Y Get:1 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main libudev1 amd64 219-7ubuntu4 [40.8 kB] Get:2 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main udev amd64 219-7ubuntu4 [929 kB] Get:3 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main systemd-sysv amd64 219-7ubuntu4 [14.0 kB] Get:4 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main libpam-systemd amd64 219-7ubuntu4 [108 kB] Get:5 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main libsystemd0 amd64 219-7ubuntu4 [73.8 kB] Get:6 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main systemd amd64 219-7ubuntu4 [3,531 kB] Get:7 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main libcurl3-gnutls amd64 7.38.0-3ubuntu2.2 [172 kB] Get:8 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main libcurl3 amd64 7.38.0-3ubuntu2.2 [180 kB] Get:9 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main libgudev-1.0-0 amd64 1:219-7ubuntu4 [14.4 kB] Get:10 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main libnm-util2 amd64 0.9.10.0-4ubuntu15.1 [134 kB] Get:11 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main libnm-glib-vpn1 amd64 0.9.10.0-4ubuntu15.1 [14.4 kB] Get:12 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main libnm-glib4 amd64 0.9.10.0-4ubuntu15.1 [84.7 kB] Get:13 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main tzdata all 2015d-0ubuntu0.15.04 [178 kB] Get:14 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main ca-certificates all 20141019ubuntu0.15.04.1 [191 kB] Get:15 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main firefox amd64 37.0.2+build1-0ubuntu0.15.04.1 [40.1 MB] Get:16 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main gir1.2-gudev-1.0 amd64 1:219-7ubuntu4 [5,564 B] Get:17 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main wpasupplicant amd64 2.1-0ubuntu7.1 [768 kB] Get:18 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main network-manager amd64 0.9.10.0-4ubuntu15.1 [754 kB] Get:19 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main usb-creator-gtk amd64 0.2.67ubuntu0.1 [23.4 kB] Get:20 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main usb-creator-common amd64 0.2.67ubuntu0.1 [23.7 kB] Get:21 http://us.archive.ubuntu.com/ubuntu/ vivid-updates/main oxideqt-codecs amd64 1.6.5-0ubuntu0.15.04.1 [533 kB] Fetched 47.9 MB in 1min 18s (613 kB/s) Preconfiguring packages ... (Reading database ... 171469 files and directories currently installed.) Preparing to unpack .../libudev1_219-7ubuntu4_amd64.deb ... Unpacking libudev1:amd64 (219-7ubuntu4) over (219-7ubuntu3) ... Setting up libudev1:amd64 (219-7ubuntu4) ... Processing triggers for libc-bin (2.21-0ubuntu4) ... (Reading database ... 171469 files and directories currently installed.) Preparing to unpack .../udev_219-7ubuntu4_amd64.deb ... Unpacking udev (219-7ubuntu4) over (219-7ubuntu3) ... Processing triggers for man-db (2.7.0.2-5) ... Processing triggers for ureadahead (0.100.0-19) ... ureadahead will be reprofiled on next reboot Processing triggers for systemd (219-7ubuntu3) ... Setting up udev (219-7ubuntu4) ... Please enter passphrase for disk Crucial_CT250MX200SSD4 (cryptswap1) on none! update-initramfs: deferring update (trigger activated) Broadcast message from root@username-XPS-13-9343 (Thu 2015-04-30 22:06:22 EDT): Password entry required for 'Please enter passphrase for disk Crucial_CT250MX200SSD4 (cryptswap1) on none!' (PID 4027). Please enter password with the systemd-tty-ask-password-agent tool! Processing triggers for initramfs-tools (0.103ubuntu15) ... update-initramfs: Generating /boot/initrd.img-3.19.0-15-generic (Reading database ... 171469 files and directories currently installed.) Preparing to unpack .../systemd-sysv_219-7ubuntu4_amd64.deb ... Unpacking systemd-sysv (219-7ubuntu4) over (219-7ubuntu3) ... Processing triggers for man-db (2.7.0.2-5) ... Setting up systemd-sysv (219-7ubuntu4) ... (Reading database ... 171469 files and directories currently installed.) Preparing to unpack .../libpam-systemd_219-7ubuntu4_amd64.deb ... Unpacking libpam-systemd:amd64 (219-7ubuntu4) over (219-7ubuntu3) ... Preparing to unpack .../libsystemd0_219-7ubuntu4_amd64.deb ... Unpacking libsystemd0:amd64 (219-7ubuntu4) over (219-7ubuntu3) ... Processing triggers for man-db (2.7.0.2-5) ... Setting up libsystemd0:amd64 (219-7ubuntu4) ... Processing triggers for libc-bin (2.21-0ubuntu4) ... (Reading database ... 171469 files and directories currently installed.) Preparing to unpack .../systemd_219-7ubuntu4_amd64.deb ... Unpacking systemd (219-7ubuntu4) over (219-7ubuntu3) ... Processing triggers for dbus (1.8.12-1ubuntu5) ... Processing triggers for man-db (2.7.0.2-5) ... Processing triggers for ureadahead (0.100.0-19) ... Setting up systemd (219-7ubuntu4) ... Please enter passphrase for disk Crucial_CT250MX200SSD4 (cryptswap1) on none! (Reading database ... 171469 files and directories currently installed.) Preparing to unpack .../libcurl3-gnutls_7.38.0-3ubuntu2.2_amd64.deb ... Unpacking libcurl3-gnutls:amd64 (7.38.0-3ubuntu2.2) over (7.38.0-3ubuntu2) ... Preparing to unpack .../libcurl3_7.38.0-3ubuntu2.2_amd64.deb ... Unpacking libcurl3:amd64 (7.38.0-3ubuntu2.2) over (7.38.0-3ubuntu2) ... Preparing to unpack .../libgudev-1.0-0_1%3a219-7ubuntu4_amd64.deb ... Unpacking libgudev-1.0-0:amd64 (1:219-7ubuntu4) over (1:219-7ubuntu3) ... Preparing to unpack .../libnm-util2_0.9.10.0-4ubuntu15.1_amd64.deb ... Unpacking libnm-util2:amd64 (0.9.10.0-4ubuntu15.1) over (0.9.10.0-4ubuntu15) ... Preparing to unpack .../libnm-glib-vpn1_0.9.10.0-4ubuntu15.1_amd64.deb ... Unpacking libnm-glib-vpn1:amd64 (0.9.10.0-4ubuntu15.1) over (0.9.10.0-4ubuntu15) ... Preparing to unpack .../libnm-glib4_0.9.10.0-4ubuntu15.1_amd64.deb ... Unpacking libnm-glib4:amd64 (0.9.10.0-4ubuntu15.1) over (0.9.10.0-4ubuntu15) ... Preparing to unpack .../tzdata_2015d-0ubuntu0.15.04_all.deb ... Unpacking tzdata (2015d-0ubuntu0.15.04) over (2015c-1) ... Setting up tzdata (2015d-0ubuntu0.15.04) ... Current default time zone: 'America/New_York' Local time is now: Thu Apr 30 22:20:06 EDT 2015. Universal Time is now: Fri May 1 02:20:06 UTC 2015. Run 'dpkg-reconfigure tzdata' if you wish to change it. (Reading database ... 171469 files and directories currently installed.) Preparing to unpack .../ca-certificates_20141019ubuntu0.15.04.1_all.deb ... Unpacking ca-certificates (20141019ubuntu0.15.04.1) over (20141019) ... Preparing to unpack .../firefox_37.0.2+build1-0ubuntu0.15.04.1_amd64.deb ... Unpacking firefox (37.0.2+build1-0ubuntu0.15.04.1) over (37.0+build2-0ubuntu1) ... Preparing to unpack .../gir1.2-gudev-1.0_1%3a219-7ubuntu4_amd64.deb ... Unpacking gir1.2-gudev-1.0 (1:219-7ubuntu4) over (1:219-7ubuntu3) ... Preparing to unpack .../wpasupplicant_2.1-0ubuntu7.1_amd64.deb ... Unpacking wpasupplicant (2.1-0ubuntu7.1) over (2.1-0ubuntu7) ... Preparing to unpack .../network-manager_0.9.10.0-4ubuntu15.1_amd64.deb ... Unpacking network-manager (0.9.10.0-4ubuntu15.1) over (0.9.10.0-4ubuntu15) ... Broadcast message from root@username-XPS-13-9343 (Thu 2015-04-30 22:20:19 EDT): Password entry required for 'Please enter passphrase for disk Crucial_CT250MX200SSD4 (cryptswap1) on none!' (PID 15391). Please enter password with the systemd-tty-ask-password-agent tool! Preparing to unpack .../usb-creator-gtk_0.2.67ubuntu0.1_amd64.deb ... Unpacking usb-creator-gtk (0.2.67ubuntu0.1) over (0.2.67) ... Preparing to unpack .../usb-creator-common_0.2.67ubuntu0.1_amd64.deb ... Unpacking usb-creator-common (0.2.67ubuntu0.1) over (0.2.67) ... Preparing to unpack .../liboxideqt-qmlplugin_1.6.5-0ubuntu0.15.04.1_amd64.deb ... Unpacking liboxideqt-qmlplugin:amd64 (1.6.5-0ubuntu0.15.04.1) over (1.5.5-0ubuntu1) ... Preparing to unpack .../liboxideqtquick0_1.6.5-0ubuntu0.15.04.1_amd64.deb ... Unpacking liboxideqtquick0:amd64 (1.6.5-0ubuntu0.15.04.1) over (1.5.5-0ubuntu1) ... Preparing to unpack .../liboxideqtcore0_1.6.5-0ubuntu0.15.04.1_amd64.deb ... Unpacking liboxideqtcore0:amd64 (1.6.5-0ubuntu0.15.04.1) over (1.5.5-0ubuntu1) ... Preparing to unpack .../oxideqt-codecs_1.6.5-0ubuntu0.15.04.1_amd64.deb ... Unpacking oxideqt-codecs:amd64 (1.6.5-0ubuntu0.15.04.1) over (1.5.5-0ubuntu1) ... Processing triggers for man-db (2.7.0.2-5) ... Processing triggers for gnome-menus (3.10.1-0ubuntu5) ... Processing triggers for desktop-file-utils (0.22-1ubuntu3) ... Processing triggers for bamfdaemon (0.5.1+15.04.20150202-0ubuntu1) ... Rebuilding /usr/share/applications/bamf-2.index... Processing triggers for mime-support (3.58ubuntu1) ... Processing triggers for dbus (1.8.12-1ubuntu5) ... Processing triggers for systemd (219-7ubuntu4) ... Processing triggers for ureadahead (0.100.0-19) ... Processing triggers for hicolor-icon-theme (0.14-0ubuntu1) ... Setting up libpam-systemd:amd64 (219-7ubuntu4) ... Setting up libcurl3-gnutls:amd64 (7.38.0-3ubuntu2.2) ... Setting up libcurl3:amd64 (7.38.0-3ubuntu2.2) ... Setting up libgudev-1.0-0:amd64 (1:219-7ubuntu4) ... Setting up libnm-util2:amd64 (0.9.10.0-4ubuntu15.1) ... Setting up libnm-glib-vpn1:amd64 (0.9.10.0-4ubuntu15.1) ... Setting up libnm-glib4:amd64 (0.9.10.0-4ubuntu15.1) ... Setting up ca-certificates (20141019ubuntu0.15.04.1) ... Setting up firefox (37.0.2+build1-0ubuntu0.15.04.1) ... Please restart all running instances of firefox, or you will experience problems. Setting up gir1.2-gudev-1.0 (1:219-7ubuntu4) ... Setting up wpasupplicant (2.1-0ubuntu7.1) ... Setting up network-manager (0.9.10.0-4ubuntu15.1) ... Please enter passphrase for disk Crucial_CT250MX200SSD4 (cryptswap1) on none! Broadcast message from root@username-XPS-13-9343 (Thu 2015-04-30 22:20:47 EDT): Password entry required for 'Please enter passphrase for disk Crucial_CT250MX200SSD4 (cryptswap1) on none!' (PID 19822). Please enter password with the systemd-tty-ask-password-agent tool! Please enter passphrase for disk Crucial_CT250MX200SSD4 (cryptswap1) on none! Setting up usb-creator-common (0.2.67ubuntu0.1) ... Setting up usb-creator-gtk (0.2.67ubuntu0.1) ... Setting up oxideqt-codecs:amd64 (1.6.5-0ubuntu0.15.04.1) ... Setting up liboxideqtcore0:amd64 (1.6.5-0ubuntu0.15.04.1) ... Setting up liboxideqtquick0:amd64 (1.6.5-0ubuntu0.15.04.1) ... Setting up liboxideqt-qmlplugin:amd64 (1.6.5-0ubuntu0.15.04.1) ... Processing triggers for libc-bin (2.21-0ubuntu4) ... Processing triggers for ca-certificates (20141019ubuntu0.15.04.1) ... Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d....done. username@username-XPS-13-9343:~$
Somebody posted a similar issue here, but that seems to be related to OpenVPN, which I am not using. I don't have the
/etc/default/openvpn
file anyway.How do I fix this issue?
-
Kempe about 9 yearsI have the same problem as you, i don't mind having to type password on boot but it's annoying having to type the password 10 times during update
-
Wolf over 7 yearsIf it helps anyone, my solution was to comment out the regular swap partition in
/etc/fstab
and to leave the cryptswap uncommented
-
-
timetofly about 9 yearsThank you! Only difference for me was that
/dev/mapper/cryptswap1
didn't exist for me. I wonder what caused this. Might be a bug in the 15.04 installer. -
Kempe about 9 yearsYeah probably. I did not enable it at least
-
Christian about 9 yearsThis anwer is DANGEROUSLY WRONG! It is actually breaking security. Swap-space is randomly encrypted too, when home is enrypted, as user-data might be swapped!! Actually, there seems to be a problem in systemd causing to prompt for a password even for randomly encrypted partitions but this solutions just breaks the concept of encryption!
-
Christian about 9 yearsYou had it. You probably didn't notice. Swap is always encrpted when home is enrypted. Seems to be a systemd-issue. There should be no prompt for a password as there is none. As data on swap is irrelevant after a reboot, the encrpytion-key is randomly generated on every boot. lists.launchpad.net/touch-packages/msg72437.html
-
Kempe about 9 yearsyeah probably i just did not notice it, but the behaviour in 15.04 with password questions for everything you do and multiple times for every command is DANGEROUSLY annoying and might lead to permanent brain damage...
-
Christian about 9 yearsFine if breaking encryption is good enough for you. But womeone who cares about encryption might read this "solution" and as it was marked as correct don't realize that he is actually breaking encrpytion instead of fixing this issue, which resided somewhere else.
-
Kempe about 9 yearsas i said i have updated the answer to include a warning
-
timetofly almost 9 yearsThanks for the heads up--I've unaccepted the other answer so as not to mislead others. Security is fairly important for me, so it would be really nice if you could add some instructions on how to safely reverse the steps provided by kempe (without breaking anything). Is there a safer workaround for now? And when they fix this, would it only affect new installations or existing ones also?
-
Kempe almost 9 yearsYou have how to reverse it in the link at the end of my answer
-
kd8azz almost 9 yearsI wish there was a way to upvote this answer, but not increase its visible score. I think this answer has value, but only when it is clearly discouraged, which the -1 score contributes to. So Kudos, Kempe. That's all I can do.
-
Matt over 8 yearsWas this ever fixed? I'm on 15.10 and I still have this issue.
-
Daniel almost 8 yearsThis problem still exists even on Ubuntu 16.04 LTS!!! Did the same, turned off encryption for the swap partition.
-
Deniz Acay over 7 yearsHow can I reverse this process? I've done this but later found a version of ecryptfs that fixed this bug.
-
Day about 7 yearsStill not fixed in 16.04 LTS. This answer does have a workaround which worked for me.
-
Day about 7 years+1 worked for me in 16.04 LTS. I did have to do the
dd
command and reboot again. Thanks! -
mc.dev almost 6 yearsIf /dev/mapper/cryptswap1 file does not exist, you can use command 'lsblk --fs' to check partition id. After that you can use id to execute cryptsetup. Example: sudo cryptsetup remove <partition-id>