On Thu, Sep 23, 2010 at 11:44:51AM +0200, Jonas Meurer wrote: > Hey Louis, > > this mailinglist is not the right place to discuss distribution specific > features. decrypt_derived is a keyscript which is provided by the debian > cryptsetup package. please use the debian bugtracking system > (bugs.debian.org) or pkg-cryptsetup-devel@xxxxxxxxxxxxxxxxxxxxxxx > instead. Hi, Can I have similar functionality without using debian's decrypt_derived? > On 23/09/2010 Louis-David Mitterrand wrote: > > Is it possible to use the decrypt_derived script to mount a second > > (non-swap) partition with the same passphrase as the root partition? > > > > I tried the following et /etc/crypttab: > > > > cmd1 /dev/md1 none luks > > # cmd2 /dev/md2 none luks > > cmd2 /dev/md2 cmd1 keyscript=/lib/cryptsetup/scripts/decrypt_derived,luks > > > > (/dev/mapper/cmd2 is mounted on /backup) > > > > But I get this error when running "/etc/init.d/cryptdisks restart": > > > > galba:/home/ldm# /etc/init.d/cryptdisks restart > > Stopping remaining crypto disks...cmd1 (busy)...cmd2 (stopped)...done. > > Starting remaining crypto disks...cmd1 (running)...cmd2 (starting)... > > No key available with this passphrase. > > No key available with this passphrase. > > No key available with this passphrase. > > cmd2 (failed)...failed. > > done. > > you need to add the relevant key to /dev/md2 first. > see section '9. The "decrypt_derived" keyscript' at > /usr/share/doc/cryptsetup/README.initramfs.gz for more information. > > in short, do the following: > > get the key: > $ /lib/cryptsetup/scripts/decrypt_derived cmd1 > > add the new key: > $ cryptsetup luksAddKey /dev/md2 > [ paste the derived key as new passphrase ] > > afterwards, unlocking md2 with the derived key should work. Yes it works well, thanks. _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt