Hi guys!
I have a Surface laptop, which I want to use again with a microSD as external storage. Since this can be easily pulled off from the laptop, I want it to be encrypted. This was encrypted before, but eventually the SD failed, and I’m trying to recreate what I had…without much success.
Steps so far… Create the LUKS volume:
cryptsetup luksFormat /dev/sda
Format in ext4 (I believe it was in exFAT with the old SD?):
#cryptsetup open /dev/sda encrypted
#mkfs.ext4 /dev/mapper/encrypted
That should do it regarding the volume creation. Now comes what I can’t quite get working. I created a pw txt file within my home folder:
/home/user/EncryptedSD.txt
Then I refer to this via /etc/crypttab at boot:
encrypted /dev/sda /home/user/EncryptedSD.txt
And my /etc/fstab should attempt to mount this on the spot:
/dev/mapper/encrypted /media/SDCard ext4 auto,nofail,rw
However, as this is set, I’m being prompted halfway through boot for the password. And I can’t type anything onto that field. Not that it matters, as it’s a really long randomly generated password, no way I could remember it.
Even if I managed to make it go through boot, I’m still prompted for mounting the drive when I clicked on it, and I’m also prompted for the password, so clearly something’s not quite there yet. Any ideas? I intend to sync a series of network folders to this drive, so not being ready can make it a bit messier to sync at boot.
Thanks!
…I think you have something here. If I create a random password and save it via nano on a brand new file, and use this file as passphrase during the initial creation…it then doesn’t let me open the encrypted device. It says no key available with this passphrase. When you input the cryptsetup open, you’re only allowed to manually type the passphrase (it no longer accepts a file with the passphrase, I think). Curiously, both the file and the passphrase I type manually…are pasted from the clipboard from the same password randomly generated on Bitwarden and then copied to the clipboard. And yet, it seems something doesn’t match.
EDIT: Seems when you ‘open’ with a file, the appropriate way is
cryptsetup luksOpen /dev/sda encrypted --key-file /home/user/encryptedSD.txt
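
Added example, not part of the posts above: cryptsetup uses a --key-file byte for byte, so the newline that editors such as nano append on save becomes part of the key, while a passphrase typed at the prompt ends before the newline. The script below checks a key file for that difference; the function names, file names and passphrase are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the thread). Compares what an editor-saved key file
# contains with what an interactive passphrase prompt would hand to cryptsetup.

# True when the last byte of the file is a newline (0x0a).
keyfile_has_trailing_newline() {
    [ -s "$1" ] && [ "$(tail -c 1 "$1" | od -An -tx1 | tr -d ' \n')" = "0a" ]
}

# Write a copy without trailing newlines, readable by the owner only.
# Command substitution drops the trailing newlines; printf adds none back.
keyfile_strip_newline() {
    ( umask 077; printf '%s' "$(cat "$1")" > "$2" )
}

# True when two files would give cryptsetup identical key material.
same_key_material() {
    cmp -s "$1" "$2"
}

demo() {
    demo_dir=$(mktemp -d)
    demo_pass='constructed-sample-passphrase'    # constructed, not a real secret
    printf '%s\n' "$demo_pass" > "$demo_dir/from_nano.key"  # as saved by nano
    printf '%s'   "$demo_pass" > "$demo_dir/as_typed.key"   # as typed at the prompt

    if keyfile_has_trailing_newline "$demo_dir/from_nano.key"; then
        echo "from_nano.key ends in a newline"
    fi
    same_key_material "$demo_dir/from_nano.key" "$demo_dir/as_typed.key" \
        || echo "key material differs, so the two do not unlock the same keyslot"

    keyfile_strip_newline "$demo_dir/from_nano.key" "$demo_dir/fixed.key"
    same_key_material "$demo_dir/fixed.key" "$demo_dir/as_typed.key" \
        && echo "fixed.key matches the typed passphrase"
    rm -rf "$demo_dir"
}

demo
```

Whichever form was used at luksFormat time is the one that must be supplied later, so the same file (or the same typed string) has to be used for both creating and opening the volume.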