
Re: Reusing existing crypto partitions is not supported



> I just had a conversation with Benjamin Seidenberg on IRC. The problem
> was that he had tried to reuse a pre-existing encrypted partition
> (/home, using LUKS) by setting it up in the installer using the same
> passphrase etc.
>
> LUKS creates a random, unique key in its table and uses the passphrase
> to encrypt that key, so reusing an existing partition with the same
> parameters will cause LUKS to write a new partition header with a new
> key, effectively wiping the data (losing /home in this case).
>
> I'm not sure whether this should be mentioned in the manual/errata?
>
> ...
>
> <Alphix> Did d-i not warn that the crypto partition would be wiped out?
> <astronut> uhmm, it asked "Wipe the thing with random data" and i said
> "no"
>  then it asked for passphrase
>  so i gave it my existing one
>  then i said "use as ext3"
>  "mount as /home"
>  then hit finish, it said it would format that as ext3, cancelled, told it
> do not use
>  s/said "no"/"no, keep existing data" or something
> <Alphix> So the error is more one of user expectations/lacking
> documentation....file systems/partitions can only be reused if they're
> detected immediately by the installer without any intervention (this
> goes e.g. for LVM as well)
>  But I'll send a msg to debian-boot and CC you and we'll see what the
>  others have to say
>


Additionally, I think that there ought to be a way (obviously post-etch)
to say "Use this existing encrypted filesystem as <mountpoint> (e.g. /home,
/srv, etc.)," both for reinstalls and for people migrating to Debian.
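
The header behaviour described in the quoted message, as an added example that is not part of the original thread or of debian-installer: a parser for the LUKS1 on-disk header (field layout per the LUKS1 on-disk format) that a pre-format check can use to detect an existing container and to tell whether its header was later replaced. The function names and the sample headers are constructed for illustration.

```python
import hashlib
import struct

LUKS1_MAGIC = b"LUKS\xba\xbe"
PHDR = struct.Struct(">6sH32s32s32sII20s32sI40s")   # fixed fields, 208 bytes
SLOT = struct.Struct(">II32sII")                    # one key slot, 48 bytes (x8)
SLOT_ACTIVE, SLOT_DISABLED = 0x00AC71F3, 0x0000DEAD

def parse_luks1(buf):
    """Return the LUKS1 header fields of buf, or None if there is no LUKS1 header."""
    if len(buf) < PHDR.size + 8 * SLOT.size or not buf.startswith(LUKS1_MAGIC):
        return None
    (_, version, cipher, mode, _hash, _payload, key_bytes,
     mk_digest, mk_salt, _iters, uuid) = PHDR.unpack_from(buf)
    if version != 1:
        return None
    slots = [SLOT.unpack_from(buf, PHDR.size + i * SLOT.size) for i in range(8)]
    text = lambda b: b.split(b"\0", 1)[0].decode("ascii", "replace")
    return {"cipher": text(cipher) + "-" + text(mode), "key_bytes": key_bytes,
            "uuid": text(uuid), "mk_digest": mk_digest, "mk_salt": mk_salt,
            "active_slots": [i for i, s in enumerate(slots) if s[0] == SLOT_ACTIVE]}

def safe_to_format(buf):
    """Installer-style guard: only format when no LUKS1 header is present."""
    return parse_luks1(buf) is None

def header_replaced(before, after):
    """True if the header on disk is no longer the one recorded earlier."""
    keys = ("uuid", "mk_digest", "mk_salt")
    return any(before[k] != after[k] for k in keys)

def constructed_header(label):
    """Build a constructed LUKS1 header; 'random' fields are derived from label."""
    rnd = lambda tag, n: hashlib.sha256((label + tag).encode()).digest()[:n]
    uuid = hashlib.sha256(label.encode()).hexdigest()[:32].encode()
    head = PHDR.pack(LUKS1_MAGIC, 1, b"aes", b"cbc-essiv:sha256", b"sha1",
                     2056, 32, rnd("digest", 20), rnd("mksalt", 32), 10000, uuid)
    slot0 = SLOT.pack(SLOT_ACTIVE, 100000, rnd("slot0", 32), 8, 4000)
    empty = SLOT.pack(SLOT_DISABLED, 0, b"\0" * 32, 0, 4000)
    return head + slot0 + empty * 7

if __name__ == "__main__":
    original = parse_luks1(constructed_header("existing /home"))
    reformatted = parse_luks1(constructed_header("same passphrase, new format"))
    print(original["cipher"], "active slots:", original["active_slots"])
    print("header replaced:", header_replaced(original, reformatted))
    print("safe to format:", safe_to_format(constructed_header("existing /home")))
```

On a real system the first 592 bytes of the block device would be passed to `parse_luks1`; an existing container is reused by opening it with `cryptsetup luksOpen`, not by formatting it again.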


