[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Reusing existing crypto partitions is not supported

I just had a conversation with Benjamin Seidenberg on IRC. The problem was that he had tried to reuse a pre-existing encrypted partition (/home, using LUKS) by setting it up in the installer using the same passphrase etc.

LUKS creates a random, unique, key in its table and uses the passphrase to encrypt that key, so reusing an existing partition with the same parameters will cause luks to write a new partition header with a new key, effectively wiping the data (losing /home in this case)

I'm not sure whether this should be mentioned in the manual/errata?


<Alphix> Did d-i not warn that the crypto partition would be wiped out?
<astronut> uhmm, it asked "Wipe the thing with random data" and i said "no"
then it asked for passphrase
so i gave it my existing one
then i said "use as ext3"
"mount as /home"
then hit finish, it said it would format that as ext3, cancelled, told it do not use
s/said "no"/"no, keep existing data" or something
<Alphix> So the error is more one of user expectations/lacking documentation....file systems/partitions can only be reused if they're detected immediately by the installer without any intervention (this goes e.g. for LVM as well) But I'll send a msg to debian-boot and CC you and we'll see what the others have to say

David Härdeman

Reply to: