On Fri, Oct 26, 2012 at 06:37:10PM +0200, Milan Broz wrote: > > [Li, David] Can you explain a little here why key slot wasn't used? > > Why did the luksDump or the blkid result seem to be normal? > > I think there are just missing internal kernel modules. > > Cryptsetup internally first generates master key, then writes visible header and then > enables keyslot - and for keyslot write it requires kernel crypto modules. > If last step fails, you end up with LUKS header without any slot enabled. Maybe use the kernel crypto modules needed later in some dummy operation early on? That way you could terminate with error before the header gets written. Arno > (The error reporting here is not optimal, still thinking how to get > exact infmation from kernel. > Anyway there is: > "Check that kernel supports aes-cbc-essiv:sha256 cipher (check syslog for more info)." > > Did you check syslog? > > According to /proc/crypto, you have no aes module, no cbc, no sha256... > > Milan > > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt > -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
