On a somewhat related note, I was thinking it would be cool to build in a self-destruct mechanism into cryptsetup- IE if a specific password is entered twice, have it destroy the keyblock of the encrypted disk. Thoughts? On Tue, Jul 14, 2009 at 3:19 PM, Robert Lummis <robert.lummis@xxxxxxxxx>wrote: > OK I guess I need to be using LUKS. That's fine. > > I don't see what's to explore about /dev/mapper/$x. If I give the > wrong passphrase the expected file name still appears there with the > expected permissions. The only way I see to find out if the passphrase > was ok is to try to read it. That's not so terrible but seems kinda > lame. > > On Tue, Jul 14, 2009 at 4:21 AM, Roscoe<eocsor@xxxxxxxxx> wrote: > >> I would like a way to tell cryptsetup to fail completely (don't change > >> anything and return non-zero) if the passphrase is wrong. Is that > >> possible? > > > > Sure, start using LUKS :) > > > > Otherwise, AFAIK without LUKS there is no way for cryptsetup to tell. > > (The normal workaround for this being to then inspect /dev/mapper/$x > > for a known filesystem afterwards.) > > > > -- Roscoe > > > > --------------------------------------------------------------------- > > dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ > > To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx > > For additional commands, e-mail: dm-crypt-help@xxxxxxxx > > > > > > > > -- > Robert Lummis > > --------------------------------------------------------------------- > dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ > To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx > For additional commands, e-mail: dm-crypt-help@xxxxxxxx > > -- matt@xxxxxxxxxxxxxxx GPG Key ID: 113828CC
