diff --git a/gentoo.sh b/gentoo.sh
index 187400d..105b8b8 100644
--- a/gentoo.sh
+++ b/gentoo.sh
@@ -38,7 +38,7 @@ ROOT_PASSWORD="123456"
 WIRELESS_PASSWORD='123456'
 SSID='123456'
 DISK_PASSWORD='123456'
-AUTO_DECRYPT='True'
+AUTO_DECRYPT='False'
 WIRELESS_INTERFACE='wlan0'
 COMPRESSION='compress=zstd:10'
 FLATPAKS+=()
@@ -105,11 +105,10 @@ decryptBoot() {
 	echo "Adding new key......"
 	echo
 	printf "$DISK_PASSWORD" | cryptsetup luksAddKey $1 /boot/$KEYFILE
-	echo "install_items+=/boot/$KEYFILE" >>/etc/dracut.conf
-	echo "install_items+=/boot/unlock.sh" >>/etc/dracut.conf
-	sed -i "s/none/\/boot\/$KEYFILE,keyscript=\/boot\/unlock.sh/" /etc/crypttab
-	echo "#!/bin/bash" > /boot/unlock.sh
-	echo "cryptsetup open UUID=$(/sbin/blkid -s UUID -o value ${BTRFS}) --key-file=/boot/$KEYFILE $ROOT_MAPPER_NAME" >> /boot/unlock.sh
+	echo "install_items+=\" /boot/unlock.sh /boot/$KEYFILE \"" >>/etc/dracut.conf
+	sed -i "s/none/luks,\/boot\/$KEYFILE,keyscript=\/boot\/unlock.sh/" /etc/crypttab
+	echo "#!/bin/bash" >/boot/unlock.sh
+	echo "cryptsetup open UUID=$(/sbin/blkid -s UUID -o value ${BTRFS}) --key-file=/boot/$KEYFILE $ROOT_MAPPER_NAME" >>/boot/unlock.sh
 	chmod +x /boot/unlock.sh
 }
 
@@ -910,7 +909,6 @@ bootloader() {
 	LOADER_FILE="/boot/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
 	PREVIOUS_LOADER_FILE="/boot/loader/entries/previous.conf"
 	clear
-	echo "$ROOT_MAPPER_NAME UUID=$(/sbin/blkid -s UUID -o value ${BTRFS})  none luks" >/etc/crypttab
 
 	echo 'add_dracutmodules+=" crypt dm rootfs-block "' >/etc/dracut.conf
 	if [[ $SWAP_CHOICE = *y* ]]; then
@@ -920,7 +918,10 @@ bootloader() {
 	fi
 
 	if [ "$AUTO_DECRYPT" == "True" ]; then
+		echo "$ROOT_MAPPER_NAME UUID=$(/sbin/blkid -s UUID -o value ${BTRFS})  none" >/etc/crypttab
 		decryptBoot "${BTRFS}"
+	else
+		echo "$ROOT_MAPPER_NAME UUID=$(/sbin/blkid -s UUID -o value ${BTRFS})  none luks" >/etc/crypttab
 	fi
 
 	mkdir -p /boot/$MACHINE_ID/$KERNEL_VERSION