[dm-crypt] UUID question
sven at whgl.uni-frankfurt.de
Fri Dec 21 02:24:07 CET 2012
Old bugs it seems. Neither my gentoo box, nor a Ubuntu 12.10 showed the
behavior you describe. Can you verify that the entries under
/dev/disk/by-uuid/ are softlinks on Lucid?
On Thu, December 20, 2012 12:16, Yaron Sheffer wrote:
> Hi Sven,
> a quick correction: blkid is (surprisingly) not smart enough, and your
> command line results in duplicates. Both the /dev (e.g. /dev/sdg) and
> the equivalent /dev/disk/by-uuid are listed.
> So you want to use:
> blkid -t TYPE="crypto_LUKS" -s UUID /dev/disk/by-uuid/*
> (tested on Ubuntu 10.04 Lucid).
> On 12/20/2012 01:00 PM, dm-crypt-request at saout.de wrote:
>> Date: Thu, 20 Dec 2012 00:30:23 +0100
>> From: "Sven Eschenberg" <sven at whgl.uni-frankfurt.de>
>> To: dm-crypt at saout.de
>> Subject: Re: [dm-crypt] UUID question
>> <18e39b1120b315e7553bdb330e5103c5.squirrel at ssl.verfeiert.org>
>> Content-Type: text/plain;charset=utf-8
>> cryptsetup luksUUID <dev> will return the luks header's UUID if <dev>
>> holds a luks header, and yes, this should usually not change the same
>> as the UUID of a filesystem souldn't.
>> There's 2 problems though:
>> 1.) You'd have to know <dev> in advance or iterate over all possible
>> locked) blockdevices (which is what blkid usually does anyway for you)
>> 2.) a blockdev could possibly hold a luks header and still be part of a
>> device (depending on metadata version), you'd better hope that the md
>> device is set up already, when you issue your cryptsetup commands.
>> Concerning the original question:
>> The UUID within the LUKS header should not change throughout the LUKS
>> volume's lifetime, except for enforced changes (as noted before).
>> To associated keys based on luks UUID, using something like:
>> 'blkid -t TYPE="crypto_LUKS" -s UUID'
>> is probably a good starting point, as it gives you the UUID to retrieve
>> the keys based on the UUID and the device inode you'd use on further
>> to cryptsetup etc. - The rest is just a little shell magic ;-)
> dm-crypt mailing list
> dm-crypt at saout.de
More information about the dm-crypt