Re: Changing pass-phrase on dm-crypt'ed disks
On Mon, 25 Jun 2012 21:54:22 +0100
Nick Boyce <nick@glimmer.adsl24.co.uk> wrote:
> On Monday 25 Jun 2012 09:16:23 Claudius Hubig wrote:
>
> > Nick Boyce <nick@glimmer.adsl24.co.uk> wrote:
> >
> > > The installer uses 'dm-crypt' to encrypt the drive, rather than the full
> > > LUKS system - and 'dm-crypt' generates the encryption key directly from
> > > the pass- phrase, rather than storing the encryption key in an on-volume
> > > "header" protected by the pass-phrase.
> >
> > Are you sure about that? I’ve set up quite a few systems and it
> > always used LUKS.
>
> No, I'm not sure - but I picked up that understanding from reading a lot of
> forum threads about setting up new systems with encrypted disks.
>
> I gained the distinct impression that current distribution installers use 'dm-
> crypt' for simplicity, and that this is the same as 'cryptsetup' in "plain"
> mode as opposed to 'LUKS' mode..
I've done several installs with encryption, and I've always gotten LUKS.
> Now that I've been reading more in-depth history of Linux filesystem crypto
> tools, I think the problem is that quite a lot of the documentation out there
> is old, obsolete and misleading :)
That's for sure.
Celejar
Reply to: