[dm-crypt] cryptsetup-reencrypt additional options

Arno Wagner arno at wagner.name
Thu Aug 3 11:06:39 CEST 2017


Hi Perry,

since reencryption is a high-risk operation, you should just go via
your regular backup+restore procedure. You have one, right?

Regards,
Arno 


On Thu, Aug 03, 2017 at 06:17:46 CEST, Perry Thompson wrote:
> Hello there,
> 
> I had a quick question about the possibility of getting additional
> features added to cryptsetup-reencrypt. This may be asking for too much
> and I might be better off getting a second drive, putting LUKS on it,
> and transferring my files to it instead, but I thought I would ask
> anyways.
> 
> I have a drive with LUKS set up on it. The LUKS header is on a USB
> drive, and my data has an offset of 4096 512-byte sectors.
> 
> I was looking to encrypt a non-encrypted drive that I have on another
> machine. I was thinking of using cryptsetup-reencrypt, however because
> I have a detached header and an offset for the data, the current
> cryptsetup-reencrypt wouldn't work for me.
> 
> Would maybe adding --align-payload and --header options be something
> that might be possible? Even having a way to have it put the header at
> the start of the disk and use up those "free" 2MiB where my GPT stuff
> is, I could then manually extract the header and then overwrite it
> later.
> 
> I was just curious on thoughts about adding such options to the
> program, although now that I'm typing all of this out, I'm thinking
> that getting a second drive and copying the data to a freshly-encrypted
> drive might save me a lot of hassle.
> 
> Thank you for taking the time to read this.
> 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier


More information about the dm-crypt mailing list