Solution: When you have a drive which is encrypted and password protected and you want the drive to be mounted automatically at startup below are the steps that you can use:
Step 1. Open the encrypted drive as you usually do and mount it to any location.
For Example:
# cryptsetup open /data/user datadisk # mount /dev/loop0 /mnt/newdata
Step 2. Now you have to generate an additional key file at (un-encrypted location) with following command:
# dd if=/dev/urandom of=/boot/keyfile bs=1024 count=4
Note: dd command is to generate a file with random data.
bs=1024 count=4 is to writes 4 blocks of 1024 bytes length (= 4096 bytes in total, i.e = 4 Kbyte) of binary zeros into the file 'keyfile'.
Step 3. You must change the key file permission to read only:
# chmod 0400 /boot/keyfile
Step 4. Now you have to link the keyfile with encrypted drive as mentioned below:
# cryptsetup luksAddKey /dev/loop0 /boot/keyfile
Note: use command # lsblk and then you must locate the correct drive which is encrypted like “/dev/loop0” in my case.
Step 5. Now finally you can use the below command and place it in crontab and mark it to be executed at the time of system startup:
@reboot cryptsetup open --type luks --key-file /boot/keyfile /data/user datadisk mount /dev/loop0 /mnt/newdata