Jonas Meurer wrote:
> yes, that's exactly what passdev is meant for.
Problem solved indeed, passdev works :)
> that really sounds weird. if the unlocked device _is_ the same for both
> passphrases, then it will behave similar. thus i don't see how issues
> with network should be related to the used keyslot.
Ok, maybe I got it, but maybe you won't like the answer.
The error I was getting with the new passphrase was:
ADDRCONF(NETDEV_UP): eth1: link is not ready
I found many topics about, and I discovered that this is an issue of a
bad renaming of the network interfaces, see i.e.
http://marc.info/?l=debian-user&m=114369893509924&w=2
In fact I have two NICs on the server, one of which (eth0) is not used
(hasn't got even a cable). So it seems that, due to the dynamic
remapping of the interfaces at boot, if I insert the old passphrase the
interface names are right, but if I change the passphrase, probably
because of some kind of variation in the entropy pattern of the system,
the names are swapped. I solved this issue installing ifrename and
managing the interfaces name according to their MAC.
HOWEVER: if this is the case (that is, if the cause of the name swapping
is due to the passphrase inserted for cryptsetup), I believe it's not a
good thing. It would indicate some kind of fixed entropy pattern
variation according to a given passphrase, probably not a desiderable
behaviour in regard to the security of encrypted filesystems.
I also addressed this issue on
http://forums.debian.net/viewtopic.php?f=10&t=44690
Thank you :)
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
