[dm-crypt] change passphrase

Sven Eschenberg sven at whgl.uni-frankfurt.de
Wed Apr 2 11:41:16 CEST 2014


Additionally lsblk might come in handy to get an idea of the current
structure of the storage devices.

-Sven

On Tue, April 1, 2014 23:21, Heiko Rosemann wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 04/01/2014 09:02 PM, Biltong wrote:
>> I have a raid-1 system running btrfs on top of luks.
>>
>> I cannot remember my passphrase, but the system is running and I
>> have made a backup.
>>
>> I'd like to add a new passphrase, and have followed the
>> instructions from 6.10 at
>>
> http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions#6._Backup_and_Data_Recovery
>>
>> This worked for the first device, which seems to work with
>> /dev/dm-0, but I cannot work out what the device name for the
>> second raid-1 member is. The btrfs partition is on top of the luks
>> device, and so I need to change both.
>>
>
> I'm not really clear on what your setup is, but there's basically two
> choices:
>
> 1) encrypt 2 partitions separately (typically /dev/sdxy with x in a..z
> and y in
> 1..) leading to /dev/mapper/a and /dev/mapper/b as links to /dev/dm-0
> and /dev/dm-1
> 2) create RAID1 from /dev/mapper/a and /dev/mapper/b, causing /dev/md0
> to appear
> 3) create btrfs (or whatever) on top of /dev/md0
>
> or
>
> 1) create RAID1 from 2 partitions (typically /dev/sdxy as above) leading
> to /dev/md0
> 2) encrypt /dev/md0 leading to /dev/mapper/a as a link to /dev/dm-0
> 3) create btrfs (or whatever) on top of /dev/dm-0
>
>
> If you can't find /dev/dm-1, you might be using the second version. You
> can also find some information in the output of the mount command (which
> should show you the crypto device in the first and the RAID device in
> the second scenario) and from /proc/mdstat showing /dev/mapper/a (or
> /dev/dm-0) in the first and /dev/sdxy in the second case.
>
> Good luck with the research,
> Heiko
>
> - --
> eMails verschlüsseln mit PGP - privacy is your right!
> Mein PGP-Key zur Verifizierung: http://pgp.mit.edu
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iEYEARECAAYFAlM7LdQACgkQ/Vb5NagElAVK2gCgq7EVxGcc3sTlIgEF3M4oZH62
> LrQAn3kmHpBRcnjbWCbBsug5tQYKWS/s
> =lSG+
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>




More information about the dm-crypt mailing list