View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions getting KVM finnix kernel to work with LUKS disk encryption
Log in to Ask a Question

getting KVM finnix kernel to work with LUKS disk encryption

beta

I'm trying to replicate our current setup with XEN (i.e. LUKS encrypted root disk) with a KVM enabled node, but run into problems when I try to luksFormat the partition/disk

It seems required crypto API's are either not compiled into the finnix KVM kernel, or module loading does not work.

Example session:

# cryptsetup  luksFormat -v /dev/sdc3

WARNING!
========
This will overwrite data on /dev/sdc3 irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase: 
Verify passphrase: 
device-mapper: reload ioctl on  failed: No such file or directory
Failed to open temporary keystore device.
device-mapper: remove ioctl on temporary-cryptsetup-3692 failed: No such device or address
device-mapper: reload ioctl on temporary-cryptsetup-3692 failed: No such device or address
device-mapper: remove ioctl on temporary-cryptsetup-3692 failed: No such device or address
device-mapper: remove ioctl on temporary-cryptsetup-3692 failed: No such device or address
device-mapper: remove ioctl on temporary-cryptsetup-3692 failed: No such device or address
device-mapper: remove ioctl on temporary-cryptsetup-3692 failed: No such device or address
Command failed with code 5: Input/output error

Also, the kernel modules directory seem to be mismatched to the finnix KVM kernel:

Linux finnix 3.16.1-kvmnode #1 SMP Mon Apr 27 15:07:17 EDT 2015 x86_64 GNU/Linux

# ls -l /lib/modules/
total 0
drwxr-xr-x 1 root root 220 Jun 17 10:13 3.10.0-1-amd64-finnix
drwxr-xr-x 1 root root 380 Sep 15  2013 3.10.0-1-x86-finnix

# modprobe dm_crypt
libkmod: ERROR ../libkmod/libkmod.c:554 kmod_search_moddep: could not open moddep file '/lib/modules/3.16.1-kvmnode/modules.dep.bin'

5 Replies

I have an open ticket regarding this.

Looks like finnix in KVM has the wrong modules under /lib/modules and they don't match the current kernel.

I have the LUKS setup myself so I don't want to take the risk in moving to KVM if I can't fix any issues in finnix.

There's a workaround (if you don't have the disk allocated to 100%), just deploy a debian/ubuntu imate in a 1GB disk and boot from there (apt-get install cryptsetup-bin of course after initial boot).

Linode Staff

Ignore the modules - they are not used, anyhow.

Up next (within a few days), is an updated Finnix image, and kernel - which we will make sure has all of the needful.

Thanks,

-Chris

@tcpdump:

There's a workaround (if you don't have the disk allocated to 100%), just deploy a debian/ubuntu imate in a 1GB disk and boot from there (apt-get install cryptsetup-bin of course after initial boot).

That's what i did for a new instance, and I wrote a memo to myself to never fully allocate the diskspace in the future, to be flexible in situations such as this ;)

@caker:

Ignore the modules - they are not used, anyhow.
Yes, i figured that most of the stuff was compiled into the kernel. Looking forward to the new finnix release!

Thanks for the quick reply!

Hello, not sure if this is the same problem I am currently having but after creating my Linode, I converted it to KVM. Later I wanted to connect my linode in rescue mode, but when I try to login at finnix, it always fails and says "login incorrect". I know my user crediantials are correct.

Should I go back to Xen?

In fact, I'll delete that Linode and go back to Xen. I want to fresh start tomorrow morning and no need to keep this KVM thingy live.

Thanks.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct