On 06/21/2012 04:58 PM, Lara Michaels wrote: > From reading the FAQ, my understanding is that in the event the > header getting destroyed I need ONE of the following for data > recovery to be feasible: > > - header backup + one passphrase - the master key > > By "master key" I am referring to the 256 bits printed out in > hexadecimal by "cryptsetup luksDump --dump-master-key [device]". > > Is it correct that these 256 bits are by themselves sufficient to > unlock the volume? Or would I still need the salt to be intact in the > header? (My understanding from reading the FAQ is that the salt is > not required if I have the master key.) Yes. You need to know cipher name, mode and IV as well, but these are easily to be brute-forced if lost. Salt is not needed if you know volume (master) key directly. Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
