Command Line

 View Only

 RHEL 7.9 Encryption issues

cryele's profile image
cryele posted Oct 19, 2020 11:11 AM
I encrypted a RHEL 7.9 machine last week that seemed to encrypt just fine. I used the following command:

pgpwde --secure --disk 0 --username 'user' --interactive --all --safe-mode

it then proceeded to encrypt sda2 and sda3, but did not encrypt sda1. sda1 I believe is the EFI boot partition, and it's a different type by default.
Upon encryption completion, I rebooted and received errors, and could not boot.
It did not go to the Bootguard screen, it immediately went to the kernel select screen.

The errors I received resembled the following:

error: no such device (UUID)
error: hd0,gpt2 not found
error: you need to load the kernel first

My drive is partitoned as such:

/dev/sda1 - EFI system mounted at /boot/efi  (FAT32)
/dev/sda2 - Basic Data mounted at /boot (XFS)
/dev/sda3 - LVM data (LVM2)

I haven't had issues encrypting an old style BIOS using MBR on RHEL, but this is the first time I've tried using this product with UEFI/GPT.

Is there something else I need to do, or something I'm forgetting to change before/after encrypting (but before rebooting)?