Hello Steve, > What would > > dd if=/dev/mapper/[cryptdevice] of=/dev/[device] conv=notrunc > Actually do then ? > Would it revert back to no encryption ? How would i convert the 256 bit > encrypt to 128 ? Ok, sorry for not be clear in the first mail. I thought you'd like to unencrypt the whole thing. To reencrypt you get two cryptdevices for the same device: /dev/mapper/[cryptdevice-AES128] /dev/mapper/[cryptdevice-AES256] and then do an dd if=/dev/mapper/[cryptdevice-AES256] of=/dev/[cryptdevice-AES128] \ conv=notrunc And as wrote before, DON'T DO THIS IF DATA LOSS IS A PROBLEM for you. Ive done this many times and most times it worked fine, but you can't be sure. > Hein Diehl wrote > Actually, you can't. You'll have to backup your data somewhere and > luksFormat the partition with the new parameters. Besides, I doubt that > 128 bit gives noticeably more speed than 256 bit, even if your system is > somewhat old. Be aware, that doesn't work with LUKS devices, only with plain dm-crypt devices. > Roscoe wrote > This strikes me as poor advice for the following reasons: > > - It's writing out plaintext directly to his hard disk, the exact > thing he doesn't want to happen you are right, as I wrote on top I thought he would like to unencrypt the whole device. > - It's riskier than it has to be, you're not even backing up the master > key... As Heinz Diehl wrote, it doesn't work with LUKS Headers. Don't bother to make a backup for the keys ;-) For dm-crypt devices you don't need a backup of you master key. cheers Wolfgang _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
