[dm-crypt] Newbie question --key-file
LiD at cloudshield.com
Fri Oct 26 18:27:12 CEST 2012
Please see below.
>> First I did:
>> /-bash-4.1# cryptsetup --key-file keyfile-1 luksFormat /dev/loop0/
>for me your example works but I have sha256, aes and cbc loaded (which is
>required as you use aes as crypto-mode, sha256 as hash and cbc as block-mode
>or what ever it is called). The setup is not proper as you see there is no key slot
[Li, David] Can you explain a little here why key slot wasn't used? Why did the luksDump or the blkid result seem to be normal?
>> Question #2. I went thru FAQ and didn't quite find an example using
>> key-file to setup LUKS. But I found this line:
>> /cryptsetup luksOpen //--//key//-//file keyfile /////dev/////loop0 e1/
>> what is e1 here? Can someone give an example using key-file to set up
>> a LUKS partition.
>e1 is the name of the crypt mapping. After opening the mapping you can
>access it under /dev/mapper/e1 (e.g. to create a file system).
More information about the dm-crypt