Re: Design flaw in LUKS

Absolon wrote:
>> 
>> That tool is called dd.
>> 
>> dd if=/dev/hda2 of=luksheader count=1032
> 
> Yeah, of course you can dd it, but it's a solution/hack that has been
> "invented" to get around the basic problem. The security/recovery
> should be within dm-crypt since the header is a core part of the
> program. You still lack tools in dm-crypt that allow additional
> security around the header (like additional locations, 
> export/import), so it's still a single-point-of-error.
> 
> /Paul T
> 


I don't know about the "single point of failure" part when there is a
possibility to avoid the problem (backups and keeping your LUKS header on a
RAID). However, I do agree that this issue is overlooked in the general
documentation.

Clemens maybe can add it to the FAQ: How to make a binary backup of the
header?

--
Henrik Holst
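
One way to script the binary header backup asked about above, as an added example that is not part of the original thread or of cryptsetup: instead of hard-coding the `count=1032` from the quoted command, it reads the payload offset from the LUKS1 header and copies exactly that many 512-byte sectors, then verifies the copy. The function names and the sample image built by `make_sample_image` are constructed for illustration.

```shell
#!/bin/sh
# Added example: back up a LUKS1 header with dd and verify the copy.

# Print the payload offset (in 512-byte sectors) stored in a LUKS1 header.
# LUKS1 layout: magic "LUKS\xba\xbe" at byte 0, big-endian uint16 version
# at byte 6, big-endian uint32 payload-offset at byte 104.
luks1_payload_offset() {
    sig=$(dd if="$1" bs=1 count=8 2>/dev/null | od -An -tx1 | tr -d ' \n')
    # Refuse anything that is not LUKS version 1; other layouts differ.
    [ "$sig" = "4c554b53babe0001" ] || { echo "not a LUKS1 header: $1" >&2; return 1; }
    set -- $(dd if="$1" bs=1 skip=104 count=4 2>/dev/null | od -An -tu1)
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Copy everything in front of the encrypted payload (header plus key
# material) to a file, then compare the file against the device.
# Prints the number of sectors saved.
backup_luks_header() {
    dev=$1
    out=$2
    sectors=$(luks1_payload_offset "$dev") || return 1
    [ "$sectors" -gt 0 ] || { echo "payload offset is 0, nothing to copy" >&2; return 1; }
    # The backup contains the key slots, so keep it private (mode 0600).
    ( umask 077; dd if="$dev" of="$out" bs=512 count="$sectors" 2>/dev/null ) || return 1
    dd if="$dev" bs=512 count="$sectors" 2>/dev/null | cmp -s - "$out" \
        || { echo "verification failed: $out" >&2; return 1; }
    echo "$sectors"
}

# Constructed sample: a 1 MiB image carrying only the three header fields
# used above, with payload offset 1032 (0x00000408) as in the quoted command.
make_sample_image() {
    dd if=/dev/zero of="$1" bs=512 count=2048 2>/dev/null
    printf 'LUKS\272\276\000\001' | dd of="$1" bs=1 conv=notrunc 2>/dev/null
    printf '\000\000\004\010' | dd of="$1" bs=1 seek=104 conv=notrunc 2>/dev/null
}

# Usage: sh luks-header-backup.sh /dev/hda2 luksheader
if [ "$#" -eq 2 ]; then
    backup_luks_header "$1" "$2"
fi
```

Store the resulting file away from the disk it came from; a header copy kept only on the same device does not help when that device's header area is damaged.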
