Fresh Neon install can't boot if encryption is used (20240201-0717 iso)

After the Neon updater hosed my system (as documented here: Upgrade to 22.04 breaks Neon, can't boot), I wiped the partition and attempted a whole fresh reinstall. However, the installer doesn’t seem to work properly if full disk encryption is used. Repro:

  1. Download the ISO (20240201-0717), copy to USB & boot live
  2. Once booted, connect to wifi & launch the installer
  3. On the Partitions step, choose “Manual Partitioning”:
    • Select free space->Create. File System=btrfs, Encrypt=checked, Mount Point=/
    • As it’s a multi-boot system, I have an existing fat32 efi partition. Select that partition->Edit. Set its mount point to /boot/efi.
  4. Proceed with the install
  5. Reboot.

Result: It prompts for the password, accepts the password, shows the Grub menu, I select Neon, then it fails to boot. The error is cryptsetup: ERROR luks-(uuid): maximum number of tries exceeded. If I hit a key to show the text, it reveals:

/bin/cat: /crypto_keyfile.bin: No such file or directory
Nothing to read on input.
cryptsetup: ERROR: luks-(uuid): cryptsetup failed, bad password or options?
(...repeating over and over until it gives up & drops to shell)
  • This was the exact install process that worked properly with the previous version of Neon (20.04). Just to sanity check my steps, I went back & fully reinstalled the 20220324-0945 ISO. It worked without issue. So this definitely seems to be a regression.
  • After some googling, I found threads that say the current installer is broken only with encryption & btrfs, so I tried to repeat the process using ext4 rather than btrfs. The same error occurred.
  • I also tried choosing “Replace a partition” rather than “Manual Partitioning.” I gave it the partition I intended to use as “/” (aka I didn’t explicitly give it /boot/efi). Same issue.
  • I tried doing the same, but not selecting encryption (not an option for real-world use, but just out of curiosity). That worked.

So it seems to be unable to install with encryption.

Further googling turned this up, with others reporting the same:

I’ve tried all the suggested steps on that reddit, but can’t seem to get a fresh install working. Any help would be appreciated, as I’m hoping after a full day lost, I won’t be stuck just having to reinstall the same old 20.04 version I’d been using prior to trying to upgrade.

1 Like

Exactly the same problem; I actually went through non-encrypted install just to make sure it was only encryption breaking the boot up. That was with today’s 0304-2101.

1 Like

Same problem here.
Fresh install neon-user-20240304-2101 (in virtualbox) ,
it works perfectly If i don’t use encryption . with encryption it gets stuck (see pic) .
it successfully unlocks the encrypted partition at boot (decrypting master key… slot 0 opened) , but it fails before getting to the user login screen.

0307-0714 Encryption still broken.

1 Like

I’m running into the same problem on a clean install. Will it be feasible to encrypt the drive later on, or should I plan to need to reinstall again later when this is fixed?

Uhm, just as feedback, I was able to install Neon with encryption just fine not long ago. I think I used neon-user-20240229-0716.iso.

I don’t really think it should be the case… But could it be that you are using any input from numpad? I ask so, because in my system I find the behaviour of having the numlock disabled every time I boot my system uncommon (need to check further about that, if this one is just a minor problem of mine).

Don’t eat me alive if I said something dumb, because I probably I did!

I Just don’t know why it worked for me, and I can’t think of anything better than that.

@MaxCube128 Hello :slight_smile: I’m not typing the password incorrectly, infact slot 0 opens just fine when booting (see pic). After that I get the Neon loading screen with the cryptsetup error that I posted previously.
I would have posted more screenshots but new users are limited to 1 only.

I tried both neon-user-20240307-0714 and neon-user-20240304-2101. Same problem just like user John_Friedson reported.

I can just wait for the next neon iso release , maybe they’ll have fixed it by then. I got lucky I always test new installation isos in virtualbox first, it saves me a lot of wasted time if things go bad.

1 Like

Yes, my suggestion was kinda silly… I just wish I could help, because for some reason the encryption on my system works just fine. So, maybe there is a way to make it work…

I’ve the same problem on fresh install with neon-user-20240307-0714.iso…
I’ve setted encryption during install setup, but when the VM is restarted obtain this error…
I don’t think it’s a keyboard problem (even though I set up an Italian keyboard) because the password I chose would be no different on an American keyboard…

Hey, this is how I do a full disk encryption (except efi and boot of course,(working for years now on Neon):
To set up an encrypted Luks LVM on GPT with UEFI I had to do following:

  • Boot neon installer via EFI
  • create /boot, create LUKS manually
  • pvcreate and vgcreate a device in LUKS-Volume
  • partition manually on the created device
  • keep a file open on one of these drives (because calamares unmounts and closes drives and devices on install - regression)
  • don’t format /boot/efi but use it
  • /, /home or whatever else is kept in the created devices - just /boot /boot/efi stay out of it.
  • no chroot or something like that should be necessary

I’m using Neon since day one, and unfortunately only once this luks-setup installed without quirks.
Can’t post a Link as a new member - but if you look for “system verschlüsseln ubuntu” you will find a german ubuntuusers page with further details.
You’ll need a translator for this page though.

Probably we can put instructions in english somewhere. I’m glad to help.
I suggest to create a separate home drive anyway - it makes reinstallation a lot easier.


Just tried neon-user-20240312-2344.iso and encrypted / partition and it worked, booted up just fine. Have not yet tried encrypting swap as well.

Sorry I wrote in the other topic but here’s what I did to fix my setup: Disk Encryption not working on recent neon iso's but is working on older images? - #10 by broulik

Just tried neon-user-20240312-2344, it works fine now. I can finally install it on my pc :slight_smile: thanks for fixing it. :+1: