On Mon, Apr 02, 2012 at 01:43:28AM -0400, .. ink .. wrote: > On Sun, Apr 1, 2012 at 8:41 PM, .. ink .. <mhogomchungu@xxxxxxxxx> wrote: > > > > $ sudo cryptsetup luksOpen /dev/sdc dsk > > > LUKS keyslot 6 is invalid. > > > LUKS keyslot 7 is invalid. > > > > A user with a problem with invalid key slots had the above in one of the > > recent mailing list post. > > > > Does cryptsetup check all slots if they are valid before it tries to open > > a volume and bail out when it finds an invalid one or does it give the > > above error if it cant get a valid key on on valid key slots? > > > > example, if a valid slot was on slot number 1 and he entered a passphrase > > that is on slot number 1.Would he have got the same error message? > > > > did cryptsetup went through all the valid keyslots, didnt find the key and > > suspect that the key might be on the two invalid slots and reported the > > error? > > > > > > > is it possible to get or how can i create a volume with an invalid key? i > would lik3 to test this for my program zulucrypt but i cant seem to manage > to corrupt a volume. The best i have got after trying for hours is > inconsistency at best. > > crypt_keyslot_status API shows the key is invalid but cryptsetup luksDump > shown the key slot as disabled and cryptsetup executable just says the > password does not exist when trying to open the volume with the a key in > slot i try to make invalid As far as I understand Milan, this is not the keyslot being invalid, but its offset and/or size, i.e. the keyslot descriptor in the header has been corrupted. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
