[dm-crypt] luksAddKey successful but not working

leam hall leamhall at gmail.com
Wed May 22 16:48:52 CEST 2013


Hey Arno, thanks! None of the instructions I found talked about manually
editing the keyfile with the key. That's why I thought luksAddKey created
the file.

So far I'm not doing great with this. Either the /dev/sda partition isn't
able to be mounted or /dev/mapper/luks isn't viewed as a LUKS partition.



On Wed, May 22, 2013 at 10:33 AM, Arno Wagner <arno at wagner.name> wrote:

> A look into the man-page of cryptsetup shows that luksAddKey does
> not write the key-file, but reads it. I am surprised though that
> cryptsetup does not complain that the file is missing. With my
> system (cryptsetup 1.6.0) it does:
>
> # cryptsetup luksAddKey /dev/loop0 keyfile
> Enter any passphrase:
> Failed to open key file.    <---
> #
>
> Have you created "keyfile" before? If so, you just added the empty
> passphrase to your device, something you probably do not want to do.
>
> Arno
>
> On Wed, May 22, 2013 at 08:50:22AM -0400, leam hall wrote:
> > Help! I've nearly broken my desk banging my head against this problem. I
> am
> > using Red Hat 5.9 base install and trying to set the LUKS volume to come
> > on-line on boot.
> >
> > The volume can be manually mounted. However, when I try to create the key
> > file it becomes a 0 length file and does not work when the system boots.
> >
> > cryptsetup luksAddKey /dev/sda2 keyfile
> > Enter any LUKS passphrase:
> > Verify passphrase:
> > key slot 0 unlocked.
> > Command successful.
> >
> >
> > ls -lart keyfile
> > -rw------- 1 root root 0 May 22 08:42 keyfile
> >
> >
> > cat /etc/crypttab
> > luks /dev/sda2 /root/keyfile luks
> >
> >
> > This is probably operator error but I'm not sure where to look. Any help
> > appreciated!
> >
> > Leam
> >
> >
> >
> > --
> > Mind on a Mission <http://leamhall.blogspot.com/>
>
> > _______________________________________________
> > dm-crypt mailing list
> > dm-crypt at saout.de
> > http://www.saout.de/mailman/listinfo/dm-crypt
>
>
> --
> Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
> GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
> ----
> There are two ways of constructing a software design: One way is to make it
> so simple that there are obviously no deficiencies, and the other way is to
> make it so complicated that there are no obvious deficiencies. The first
> method is far more difficult.  --Tony Hoare
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>



-- 
Mind on a Mission <http://leamhall.blogspot.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20130522/e93de357/attachment.html>


More information about the dm-crypt mailing list