Detached LUKS header (on USB) for an existing full-disk encryption device with Ubuntu

3 votes
1 answer
4569 views
I already have a /boot partition on a USB stick and a LUKS partition on my computer, which correspond to a full-disk encryption scheme with Ubuntu 21.

I want to put the header of my LUKS partition onto the USB (either on the /boot partition or on another new partition on my USB).

I have put the header (with cryptsetup luksHeaderBackup) in boot_header.luks on my boot partition (let's say on device /dev/sda3), then in the crypttab file with the option header= I tried the following:

- /boot/boot_header.luks
- /dev/sda3/boot_header.luks
- /dev/sda3:/boot_header.luks
- and also /boot_header.luks:/dev/sda3 (to be sure)

and the same with the UUID of /dev/sda3, and also with /dev/disk/by-uuid/[uuid].

So I thought the device sda3 wasn't mounted as it should be according to the doc of crypttab (if I understand it correctly):

> Optionally, the path [of the file containing the header] may be followed by ":" and an /etc/fstab device specification (e.g. starting with "UUID=" or similar); in which case, the path is relative to the device file system root. The device gets mounted automatically for LUKS device activation duration only.

So I looked for mounting the boot partition before the execution of the *cryptroot* script with a custom script in local-bottom and init-bottom. And also, as suggested here, I tried to incorporate the header in the initramfs following this answer.

But the result at boot time is always the same:

> wrong value for 'header' option

I found that it was quite feasible with Arch, but is there a way to do the same with Ubuntu (without modifying an existing script like cryptroot)?
Asked by Ben W (113 rep)
Aug 14, 2021, 10:29 PM
Last activity: Aug 23, 2021, 10:03 PM