Re: cryptsesetup and luks different on amd64?
Am Mittwoch, 13. Januar 2010 schrieb Heinz Diehl:
> Please post the lines which in your opinion should be wrong. I for myself
> can't find something which is not right. The manual says:
>
> luksAddKey <device> [<new key file>]
>
> Add a new key file/passphrase. An existing passphrase or
> key file (via --key-file) must be supplied. The key file with the new
> material is supplied as a positional argument.
> <options> can be [--key-file, --key-slot].
>
Hi Heinz,
I suppose, I accidently mixed two things. cryptsetup --help tells me:
-d, --key-file=STRING Read the key from a file (can be
/dev/random)
And man cryptsetup is telling:
luksAddKey <device> [<new key file>]
add a new key file/passphrase. An existing passphrase or key file
(via --key-file) must be supplied. The key file
with the new material is supplied as a positional argument.
<options> can be [--key-file, --key-slot].
I think, as I mixed those two wrong. Below "Options" in man crayptsetup, there
is the entry, which confused me most (I think, that was the one, i meant!):
--key-file, -d
use file as key material. With LUKS, key material
supplied in key files via -d are always used for existing
passphrases. If you want to set a new key via a key file, you
have to use a positional arg to luksFormat or luksAd-
dKey.
So I thought, I had to do "-d /media/disk/mykeyfile".
I hope, this explaines it. Seem to be my fault, isn't it? :))
Best regards
Hans
Reply to: