[dm-crypt] Newbie question --key-file

Li, David LiD at cloudshield.com
Fri Oct 26 18:27:12 CEST 2012


Hi Dennis,
Please see below.

>> First I did:
>> /-bash-4.1# cryptsetup --key-file keyfile-1 luksFormat /dev/loop0/
>...
>
>for me your example works but I have sha256, aes and cbc loaded (which is
>required as you use aes as crypto-mode, sha256 as hash and cbc as block-mode
>or what ever it is called). The setup is not proper as you see there is no key slot
>used.


[Li, David] Can you explain a little here why key slot wasn't used? Why did the luksDump or the blkid result seem to be normal? 

>
>> Question #2. I went thru FAQ and didn't quite find an example using
>> key-file to setup LUKS.  But I found this line:
>>
>> /cryptsetup luksOpen //--//key//-//file keyfile /////dev/////loop0 e1/
>>
>> what is e1 here? Can someone give an example using key-file to set up
>> a LUKS partition.
>
>e1 is the name of the crypt mapping. After opening the mapping you can
>access it under /dev/mapper/e1 (e.g. to create a file system).
>
>Greets,
>Dennis


More information about the dm-crypt mailing list