[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: change the password of an encrypted persistent volume

On Tue, Feb 18, 2014 at 6:10 PM, s7r <s7r@sky-ip.org> wrote:
Hash: SHA1

On 2/19/2014 2:22 AM, JD wrote:
> To add a new password, use luksAddKey:
> sudo cryptsetup luksAddKey /dev/sd?? (You fill in for ??)
> To delete a key
> cryptsetup luksDelKey /dev/sd?? 0
> where 0 is the very first key ever created or added.
> Which ​seems to imply that you can luksAddKey more than one key.
> Perhaps you can give different keys yo different users??
> To remove an existing password, use luksRemoveKey:
> sudo cryptsetup luksRemoveKey /dev/sd??

Many thanks for your great help. However, I am not sure:
- - what is the ?? for? what should I put there the number of device
(e.g. sd1)? I have a multiple partition USB and it sees it as 2, it
boots from sda1.

- - is it any difference between luksDelKey and luksRemoveKey?
I won't create multiple keys for a single encrypted volume, just one
password which will be the same always, default with obligation for
the users to change it at first use. At that time, the users will have
to remove it permanently and add their own password, a single one, and
that is all. What is the best way to do this? Thanks again!

- --

​By ?? I meant the specific disk and partition
such as sda2, or sdb1 oe sdc3  ....etc.



Reply to: