-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Arno Wagner schrieb:
> The LUKS keys span those 8MB or so at maximum. But only if you actually
> have keys. Without them, there is only the ~600 Bytes header AFAIK.
hmmm i would say the size is always the same, it only depends on the
bitsize of the encryption key and doesn't change over time. (would be
bad if it does so ;) )
#root@wintermute:~# cryptsetup luksDump /dev/mapper/raid-jan
LUKS header information for /dev/mapper/raid-jan
Version: 1
Cipher name: aes
Cipher mode: cbc-essiv:sha256
Hash spec: sha1
Payload offset: 1032
MK bits: 128
MK digest: xx
MK salt: xx
MK iterations: 10
UUID: xx
Key Slot 0: DISABLED
Key Slot 1: ENABLED
Iterations: 76720
Salt: xx
Key material offset: 136
AF stripes: 4000
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
#root@wintermute:/tmp# dd if=/dev/mapper/raid-jan count=1032 of=test
#root@wintermute:/tmp# losetup -f test
#root@wintermute:/tmp# cryptsetup luksDump /dev/loop0
LUKS header information for /dev/loop0
Version: 1
Cipher name: aes
Cipher mode: cbc-essiv:sha256
Hash spec: sha1
Payload offset: 1032
MK bits: 128
MK digest: xx
MK salt: xx
MK iterations: 10
UUID: xx
Key Slot 0: DISABLED
Key Slot 1: ENABLED
Iterations: 76720
Salt: xx
Key material offset: 136
AF stripes: 4000
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
#root@wintermute:/tmp# cryptsetup luksAddKey /dev/loop0
Enter any LUKS passphrase:
key slot 1 unlocked.
Enter new passphrase for key slot:
Verify passphrase:
Command successful.
#root@wintermute:/tmp# cryptsetup luksDump /dev/loop0
LUKS header information for /dev/loop0
Version: 1
Cipher name: aes
Cipher mode: cbc-essiv:sha256
Hash spec: sha1
Payload offset: 1032
MK bits: 128
MK digest: xx
MK salt: xx
MK iterations: 10
UUID: xx
Key Slot 0: ENABLED
Iterations: 86440
Salt: xx
Key material offset: 8
AF stripes: 4000
Key Slot 1: ENABLED
Iterations: 76720
Salt: xx
Key material offset: 136
AF stripes: 4000
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
#root@wintermute:/tmp# losetup -d /dev/loop0
#root@wintermute:/tmp# dd if=/dev/zero of=test count=5000
5000+0 Datensätze ein
5000+0 Datensätze aus
2560000 Bytes (2,6 MB) kopiert, 0,0117849 s, 217 MB/s
#root@wintermute:/tmp# losetup -f test
#root@wintermute:/tmp# cryptsetup luksFormat -s 256 /dev/loop0
WARNING!
========
This will overwrite data on /dev/loop0 irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
Command successful.
#root@wintermute:/tmp# cryptsetup luksDump /dev/loop0
LUKS header information for /dev/loop0
Version: 1
Cipher name: aes
Cipher mode: cbc-essiv:sha256
Hash spec: sha1
Payload offset: 2056
MK bits: 256
MK digest: dd d8 b1 fd fc fc a5 b6 dc c6 c4 ce 0a 03 8b 68 e8 3c
84 dd
MK salt: 93 a6 99 2e e3 06 f2 b2 aa b3 32 cf 7f fa f4 be
2e 66 ef fd 27 a5 40 6d 5d 22 1e 41 2e 37 ee 56
MK iterations: 10
UUID: 97133352-ccb4-47a2-8071-eb03a3c72a8e
Key Slot 0: ENABLED
Iterations: 89800
Salt: 18 db 46 e3 90 75 dd 70 08 1c ff 51 96
a5 43 50
d6 1c d2 35 f3 73 77 f0 1c 30 4f 0b cd
91 a2 30
Key material offset: 8
AF stripes: 4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
that it would be :)
Jan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFJNC01BpRI6A8tC0MRAicrAKCKTm1kkW0di2adjjHM9qTVR6X1ogCeKDvV
IoLAS+vknnB0bUgWgO0C3Mo=
=+GlC
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
