[dm-crypt] luksAddKey successful but not working

Arno Wagner arno at wagner.name
Thu May 30 03:10:04 CEST 2013


I suspect that something in the initrd or the configuration it uses is
missing. Look at the boot messages for anything related,
Then look at the contents of the initrd and what it does in the one 
system and does not do in the other one.

Arno

On Wed, May 29, 2013 at 08:56:30PM -0400, leam hall wrote:
> So what I'm seeing is an error "No key available with this passphrase".
> What makes this odd is that there are two boxes; one build with a file
> system encrypted and the other adding it afterwards. Both have the same
> ~/keyfile. The manually built system won't read the keyfile  on boot and
> drops the box into "fix your filesystem" mode. The "encrypted on install"
> box works just fine.They are pretty much build from the same OS version,
> though the bad one has more packages.
> 
> Any ideas on how to trouble-shoot this?
> 
> Thanks!
> 
> Leam
> 
> 
> On Wed, May 22, 2013 at 11:36 AM, leam hall <leamhall at gmail.com> wrote:
> 
> > I have a support ticket with RH open now. So far I am not sure it is a
> > bug. It may well just be my misunderstanding. If it does turn out to be a
> > bug I will file it.
> >
> > Thanks!
> >
> > Leam
> >
> >
> > On Wed, May 22, 2013 at 11:28 AM, Milan Broz <gmazyland at gmail.com> wrote:
> >
> >> On 05/22/2013 04:33 PM, Arno Wagner wrote:
> >> > A look into the man-page of cryptsetup shows that luksAddKey does
> >> > not write the key-file, but reads it. I am surprised though that
> >> > cryptsetup does not complain that the file is missing. With my
> >> > system (cryptsetup 1.6.0) it does:
> >> >
> >> > # cryptsetup luksAddKey /dev/loop0 keyfile
> >> > Enter any passphrase:
> >> > Failed to open key file.    <---
> >> > #
> >>
> >> RHEL5 has very old cryptsetup (based on 1.0.3 version) and it is
> >> impossible
> >> to rebase there to a new version.
> >> You can create a bug requesting to fix this issue in RH bugzilla though...
> >>
> >> Milan
> >> _______________________________________________
> >> dm-crypt mailing list
> >> dm-crypt at saout.de
> >> http://www.saout.de/mailman/listinfo/dm-crypt
> >>
> >
> >
> >
> > --
> > Mind on a Mission <http://leamhall.blogspot.com/>
> >
> 
> 
> 
> -- 
> Mind on a Mission <http://leamhall.blogspot.com/>

> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult.  --Tony Hoare


More information about the dm-crypt mailing list