Hi, On 06/25/2014 03:21 PM, Daniel Breznau wrote: > Hi, > > After reading the FAQ, I’m still unclear on something - if someone knows an old passphrase to my LUKS encrypted partition, then could it somehow be used with the master key to decrypt the drive? Only the master key is used to decrypt the drive. The passphrase is used to derive the master key. Changing the passphrase or removing key slots will not change the master key. After removing a key slot from a LUKS volume, the passphrase of that slot will no longer be able to derive the master key as it will be wiped. And hence it will not be able to decrypt your volume. So an "old passphrase" resp. old key slot is not able to unlock your volume. But keep in mind that it actually was able to unlock your volume before removing it. (so an old backup of the Luks header is still able to unlock your volume). I hope this answers your question. Cheers, Ralf _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
