Hey Louis, this mailinglist is not the right place to discuss distribution specific features. decrypt_derived is a keyscript which is provided by the debian cryptsetup package. please use the debian bugtracking system (bugs.debian.org) or pkg-cryptsetup-devel@xxxxxxxxxxxxxxxxxxxxxxx instead. On 23/09/2010 Louis-David Mitterrand wrote: > Is it possible to use the decrypt_derived script to mount a second > (non-swap) partition with the same passphrase as the root partition? > > I tried the following et /etc/crypttab: > > cmd1 /dev/md1 none luks > # cmd2 /dev/md2 none luks > cmd2 /dev/md2 cmd1 keyscript=/lib/cryptsetup/scripts/decrypt_derived,luks > > (/dev/mapper/cmd2 is mounted on /backup) > > But I get this error when running "/etc/init.d/cryptdisks restart": > > galba:/home/ldm# /etc/init.d/cryptdisks restart > Stopping remaining crypto disks...cmd1 (busy)...cmd2 (stopped)...done. > Starting remaining crypto disks...cmd1 (running)...cmd2 (starting)... > No key available with this passphrase. > No key available with this passphrase. > No key available with this passphrase. > cmd2 (failed)...failed. > done. you need to add the relevant key to /dev/md2 first. see section '9. The "decrypt_derived" keyscript' at /usr/share/doc/cryptsetup/README.initramfs.gz for more information. in short, do the following: get the key: $ /lib/cryptsetup/scripts/decrypt_derived cmd1 add the new key: $ cryptsetup luksAddKey /dev/md2 [ paste the derived key as new passphrase ] afterwards, unlocking md2 with the derived key should work. greetings, jonas
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
