[dm-crypt] Master key question

David Li w.david.li at gmail.com
Thu Dec 20 16:16:37 CET 2012


Sven,

I have several questions regarding the master key or key use in general
that so far I haven't been able to find answers in FAQ or man pages.

1. If I don't supply a master key or key file explicitly at luksFormat,
will it be automatically generated? On Linux, is it generated by
/dev/random?

2. If I use only key files (no passwords or phrases), will PBKDF be
bypassed internally? Will the key file bits be used directly to encrypt and
decrypt the master key?


David



On Wed, Dec 19, 2012 at 11:03 PM, Sven Eschenberg <
sven at whgl.uni-frankfurt.de> wrote:

> No, the key supplied during luksFormat is the initial skot-0 key. The
> masterkey is generated or can alternativly be supplied on the same command
> line.
>
> This is covered in the man page (as well as the FAQ AFAIK).
>
> Quote from man page:
> luksFormat <device> [<key file>]
> Initializes a LUKS partition and  sets  the  initial  passphrase
> (for  key-slot  0), either via prompting or via <key file>.
>
> Regards
>
> -Sven
>
> On Thu, December 20, 2012 05:47, David Li wrote:
> > Is the master key the key used in luksFormat?
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt at saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
> >
>
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20121220/eb1d798a/attachment.html>


More information about the dm-crypt mailing list