[dm-crypt] Unlocking volume using master key
mbroz at redhat.com
Fri Feb 10 22:05:05 CET 2012
On 02/10/2012 09:11 PM, anirudh takkallapally wrote:
> My question over here is How do we unlock an encrypted volume using the Master
> key? this is without having to add a new passphrase.
Hm, this is interesting... it is possible through libcryptsetup API,
but cryptsetup CLI allows using --master-key-file only in
luksFormat and luksAddKey.
It should be easy to add, if you can add issue on project page
I will add it to next version (for luksOpen).
For now, I think the only "simple" shell solution is to not only
store master key, but whole mapping table
"dmsetup table --showkeys" and activate volume using
dmsetup create <name> --table "<stored table>"
(bypass LUKS completely - can be dangerous if wrongly used).
(in mapping table you can replace device to path to snapshot)
It is not ideal solution though...
More information about the dm-crypt