On Tue, Dec 18, 2012 at 09:21:48AM +0100, Milan Broz wrote: > On 12/18/2012 01:36 AM, Arno Wagner wrote: > > On Mon, Dec 17, 2012 at 04:10:50PM -0800, David Li wrote: > >> Hi, I wonder if the dm-crypt partition UUID (shown in blkid -p <dev>) can > >> be used to uniquely associate it with the set of keys the partition will > >> need. Are there any cases that the UUID would change during the partition's > >> lifetime? > > > > The UUID is actually a filesystem attribute, not a partition > > attribute. That said, for purpose of an UUID, LUKS is regarded as a > > filesystem, which is IMO the correct way to view it, but not a > > perfect one. So, yes, the UUID will change if you do a luksFormat > > (aptly named if LUKS is regarded as a filesystem), but it will not > > change otherwise. As a luksFormat invalidates all keys, that should > > do for your purpose. > > Well, it is more complicated. blkid recognizes UUID from metadata > on disk. There are several groups of metadata and there are priorities > (raid devices have priority to filesystem for example). Interesting. I admit I only checked where LUKS and ext2/3/4 keep the UUID and whether DOS partitions have them. Is there some documentation on these priorities, or is the source of blkid authorative? > UUID is generic attribute, even MD devices, LVM PVs etc have UUID. > > LUKS is basically handled like MD (raid) device. Makes sense. Arno > Anyway, question was if UUID can change during lifetime - no. > (reformat is not part of lifetime, you will lose data) > To be precise, you can change UUID but it must be explicit user action > (see man cryptsetup). > > And it is preferred way to reference LUKS device by its UUID (if the > physical disk is moved likde sdb->sdc, it still works). > > An example: > > # blkid /dev/sdb > /dev/sdb: UUID="bb0c71ca-24c0-4a73-b7ff-ebdbcf152040" TYPE="crypto_LUKS" > > # blkid -U bb0c71ca-24c0-4a73-b7ff-ebdbcf152040 > /dev/sdb > > > And cryptsetup itself (in recent versions) recognizes UUID as device parameter: > > #cryptsetup luksOpen UUID=bb0c71ca-24c0-4a73-b7ff-ebdbcf152040 test > Enter passphrase for /dev/disk/by-uuid/bb0c71ca-24c0-4a73-b7ff-ebdbcf152040: > > And you should be able to use UUID in /etc/crypttab as well. > > Milan > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
