[dm-crypt] How to derive master key in plain dm-crypt mode
rnicholsNOSPAM at comcast.net
Wed Dec 10 23:34:59 CET 2014
On 12/10/2014 05:48 AM, Jian-Ming Zheng wrote:
> In plain dm-crypt mode, there is no encrypted master key on the device
> (i.e., no metadata header). Is a master key derived from the user
> passphrase and used to en-/decrypt the device? If yes, how to derive
> the master key from the passphrase in plain mode?
The /cryptsetup/ manpage indicates that the key is just the hash of the
passphrase using the specified hash function and cropped to the required
key length. "cryptsetup --help" will show you the default hash function.
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
More information about the dm-crypt