[dm-crypt] plain: opening with a wrong password

Milan Broz gmazyland at gmail.com
Sun Feb 8 11:33:47 CET 2015


On 02/08/2015 11:09 AM, U.Mutlu wrote:

>> And now thy mistake with plain IV:
>>
>> # echo "password" | cryptsetup create -c aes-cbc-plain -s 256 x /dev/sdb
>> # blkid -p /dev/mapper/x
>> /dev/mapper/x: UUID="f46ba5d8-8c26-4589-ac09-cb0829f2804f" SEC_TYPE="ext2" VERSION="1.0" TYPE="ext3" USAGE="filesystem"
>>
>> # mount /dev/mapper/x /mnt/tst
>> mount: wrong fs type, bad option, bad superblock on /dev/mapper/x,
>>         missing codepage or helper program, or other error
>> ...
>>
>> DO NOT use plain mode if you are not sure what you are doing. Really.

> But isn't it just saying that the mount cannot be done
> because something is wrong, ie. wrong/incomplete cipher param was given?

For this particular case, yes. But no idea what happen if you try to run fsck
or other tool.

> What happens if you repeat the whole with the correct params?

Depends if there were write IO to that wrongly mapped device and what
these writes destroyed.

The whole point of this exercise is to note that you must use and
remember correct parameters if using plain mode, not only password.

> And, should one not use "/dev/sdb1" etc. instead of "/dev/sdb"?

No. Partition table is optional and it is not used on this disk.

Milan



More information about the dm-crypt mailing list