-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2/19/2014 2:22 AM, JD wrote:
> To add a new password, use luksAddKey:
>
> sudo cryptsetup luksAddKey /dev/sd?? (You fill in for ??)
>
> To delete a key
>
> cryptsetup luksDelKey /dev/sd?? 0
>
> where 0 is the very first key ever created or added.
>
> Which seems to imply that you can luksAddKey more than one key.
> Perhaps you can give different keys yo different users??
>
> To remove an existing password, use luksRemoveKey:
>
> sudo cryptsetup luksRemoveKey /dev/sd??
>
Many thanks for your great help. However, I am not sure:
- - what is the ?? for? what should I put there the number of device
(e.g. sd1)? I have a multiple partition USB and it sees it as 2, it
boots from sda1.
- - is it any difference between luksDelKey and luksRemoveKey?
I won't create multiple keys for a single encrypted volume, just one
password which will be the same always, default with obligation for
the users to change it at first use. At that time, the users will have
to remove it permanently and add their own password, a single one, and
that is all. What is the best way to do this? Thanks again!
- --