No Problem. I would suggest reading the FAQ http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions and the man-page. Takes a while, but afterwards you should understand how things work. Muy experience with "instructions" is that they fail as soon as something is not quite as expected and are absolutely no replacement for getting your own expertise. Arno On Wed, May 22, 2013 at 10:48:52AM -0400, leam hall wrote: > Hey Arno, thanks! None of the instructions I found talked about manually > editing the keyfile with the key. That's why I thought luksAddKey created > the file. > > So far I'm not doing great with this. Either the /dev/sda partition isn't > able to be mounted or /dev/mapper/luks isn't viewed as a LUKS partition. > > > > On Wed, May 22, 2013 at 10:33 AM, Arno Wagner <arno@xxxxxxxxxxx> wrote: > > > A look into the man-page of cryptsetup shows that luksAddKey does > > not write the key-file, but reads it. I am surprised though that > > cryptsetup does not complain that the file is missing. With my > > system (cryptsetup 1.6.0) it does: > > > > # cryptsetup luksAddKey /dev/loop0 keyfile > > Enter any passphrase: > > Failed to open key file. <--- > > # > > > > Have you created "keyfile" before? If so, you just added the empty > > passphrase to your device, something you probably do not want to do. > > > > Arno > > > > On Wed, May 22, 2013 at 08:50:22AM -0400, leam hall wrote: > > > Help! I've nearly broken my desk banging my head against this problem. I > > am > > > using Red Hat 5.9 base install and trying to set the LUKS volume to come > > > on-line on boot. > > > > > > The volume can be manually mounted. However, when I try to create the key > > > file it becomes a 0 length file and does not work when the system boots. > > > > > > cryptsetup luksAddKey /dev/sda2 keyfile > > > Enter any LUKS passphrase: > > > Verify passphrase: > > > key slot 0 unlocked. > > > Command successful. > > > > > > > > > ls -lart keyfile > > > -rw------- 1 root root 0 May 22 08:42 keyfile > > > > > > > > > cat /etc/crypttab > > > luks /dev/sda2 /root/keyfile luks > > > > > > > > > This is probably operator error but I'm not sure where to look. Any help > > > appreciated! > > > > > > Leam > > > > > > > > > > > > -- > > > Mind on a Mission <http://leamhall.blogspot.com/> > > > > > _______________________________________________ > > > dm-crypt mailing list > > > dm-crypt@xxxxxxxx > > > http://www.saout.de/mailman/listinfo/dm-crypt > > > > > > -- > > Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx > > GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 > > ---- > > There are two ways of constructing a software design: One way is to make it > > so simple that there are obviously no deficiencies, and the other way is to > > make it so complicated that there are no obvious deficiencies. The first > > method is far more difficult. --Tony Hoare > > _______________________________________________ > > dm-crypt mailing list > > dm-crypt@xxxxxxxx > > http://www.saout.de/mailman/listinfo/dm-crypt > > > > > > -- > Mind on a Mission <http://leamhall.blogspot.com/> > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
