On Tue, Sep 14, 2010 at 8:07 AM, Josh Litherland <josh@xxxxxxxxxxx> wrote: > Using cryptsetup 1.1.0~rc2 from Ubuntu Lucid apt package. As an experiment, > I have a 1000 byte key that I have in a file 1000key. I have another file > 2000key which is the key followed by 1000 pad bytes. This works: > > # cryptsetup --key-file 1000key luksOpen /dev/loop0 cryptofs > > This also works: > > # cryptsetup --key-file 2000key --key-size 8000 luksOpen /dev/loop0 cryptofs > > This works too: > > # cryptsetup --key-file 1000key luksAddKey /dev/loop0 > > But this bit doesn't work: > > # cryptsetup --key-file 2000key --key-size 8000 luksAddKey /dev/loop0 > No key available with this passphrase. > # > > That is to say, the --key-size argument doesn't seem to be working with > luksAddKey. > > Any suggestions ? --key-size should specify the size of the key used for encryption/decryption, which is going to almost always be 112-512 bits. As this key is stored in the key slots and has a length described in the header it doesn't make any sense to pass it to cryptsetup for any of the luks commands other than luksFormat. Doesn't help your problem at all, though. It seems like you want it to mean the amount of input to the PBKDF2 function. -- Roscoe _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
