[dm-crypt] How can I write a passphrase hash to key file for plain dm-crypt ?

John Lane dm-crypt at jelmail.com
Fri Nov 7 17:34:39 CET 2014


I'm trying to use plain dm-crypt. I have an example like this

    $ cryptsetup open /dev/sda mydisk --type plain --hash sha512

that works fine. I enter 'password' as the pass phrase when requested.

I want to create an equivalent key-file so that I can do

    $ cryptsetup open /dev/sda mydisk --type plain --key-file mykey

I couldn't find a cryptsetup command do to this, so I tried these:

    $ openssl dgst -sha512 -binary <<< 'password' > mykey
also
    $ sha512sum <<< 'my_passphrase' | head -c 128 > mykey

without success.

As I understand it, the key file contains a binary key that is used
as-is, so I would have thought the first try above would have worked. I
even used xxd to check that mykey contained the hash in binary data.

How can I make a key-file that is equivalent to a keyed-in passphrase?

Thanks in advance.



More information about the dm-crypt mailing list