[dm-crypt] plain: opening with a wrong password

Arno Wagner arno at wagner.name
Thu Feb 5 12:54:35 CET 2015


On Wed, Feb 04, 2015 at 14:30:17 CET, U.Mutlu wrote:
> Quentin Lefebvre wrote, On 02/04/2015 02:02 PM:
> >Hi,
> >
> >Le 04/02/2015 13:33, U.Mutlu a écrit :
> >>Hi,
> >>what happens if an encrypted filesystem (plain, no LUKS)
> >>next time is opened accidently with a wrong password,
> >>and new data written to it? Will the filesystem then become
> >>damaged/unusable?
> >
> >What typically happens when you use a wrong password is that the
> >cryptsetup create/open command is indeed successful, but mounting your
> >partition will fail (because the filesystem is not detected).  So you
> >have few chance to accidentally damage a filesystem, even in plain
> > mode.
> 
> I tried this out now, and indeed that's cool!
> Thank you for this useful tip, it spares me to study further
> also the LUKS stuff, as plain is IMHO sufficient for my needs.
> The main drawback with plain seems to be that one cannot change
> the password, instead one needs to re-enrcrypt into a new file/device.

That, you have only one password, and you do not get some 
additional protection for weak passwords from salting and 
iteration. With a good, passphease plain is about as secure 
as LUKS, namely not breakable. (See FAQ item 5.1 for details
of what "good" means.)

Arno
 
-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier


More information about the dm-crypt mailing list