hi there!
i use luks encryption with gpg encrypted key, which nicely works
cryptsetup 1.6.1/gcrypt 1.5.3 but doesn't works with cryptsetup
1.6.6/gcrypt 1.6.1
here is the debug message from cryptsetup 1.6.6/gcrypt 1.6.1:
# cryptsetup 1.6.6 processing "cryptsetup --key-file=- luksOpen
/dev/vg0/root sroot --debug"
# Running command open.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating crypt device /dev/vg0/root context.
# Trying to open and read device /dev/vg0/root.
# Initialising device-mapper backend library.
# Trying to load LUKS1 crypt type from device /dev/vg0/root.
# Crypto backend (gcrypt 1.6.1) initialized.
# Detected kernel Linux 3.14-2-rt-amd64 x86_64.
# Reading LUKS header of size 1024 from device /dev/vg0/root
# Key length 32, device size 1933582336 sectors, header size 2050 sectors.
# Timeout set to 0 miliseconds.
# Password retry count set to 3.
# Password verification disabled.
# Iteration time set to 1000 miliseconds.
# Password retry count set to 1.
# Activating volume sroot [keyslot -1] using keyfile -.
# dm version OF [16384] (*1)
# dm versions OF [16384] (*1)
# Detected dm-crypt version 1.13.0, dm-ioctl version 4.27.0.
# Device-mapper backend running with UDEV support enabled.
# dm status sroot OF [16384] (*1)
# STDIN descriptor passphrase entry requested.
# Trying to open key slot 0 [ACTIVE_LAST].
# Reading key slot 0 area.
# Using userspace crypto wrapper to access keyslot area.
# Trying to open key slot 1 [INACTIVE].
# Trying to open key slot 2 [INACTIVE].
# Trying to open key slot 3 [INACTIVE].
# Trying to open key slot 4 [INACTIVE].
# Trying to open key slot 5 [INACTIVE].
# Trying to open key slot 6 [INACTIVE].
# Trying to open key slot 7 [INACTIVE].
No key available with this passphrase.
# Releasing crypt device /dev/vg0/root context.
# Releasing device-mapper backend.
# Unlocking memory.
Command failed with code 1: No key available with this passphrase.
and here is the debug message from cryptsetup 1.6.1/gcrypt 1.5.3
# cryptsetup 1.6.1 processing "cryptsetup --key-file=- luksOpen
/dev/vg0/root sroot --debug"
# Running command open.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating crypt device /dev/vg0/root context.
# Trying to open and read device /dev/vg0/root.
# Initialising device-mapper backend library.
# Trying to load LUKS1 crypt type from device /dev/vg0/root.
# Crypto backend (gcrypt 1.5.3) initialized.
# Reading LUKS header of size 1024 from device /dev/vg0/root
# Key length 32, device size 1933582336 sectors, header size 2050 sectors.
# Timeout set to 0 miliseconds.
# Password retry count set to 3.
# Password verification disabled.
# Iteration time set to 1000 miliseconds.
# Password retry count set to 1.
# Activating volume sroot [keyslot -1] using keyfile -.
# dm version OF [16384] (*1)
# dm versions OF [16384] (*1)
# Detected dm-crypt version 1.13.0, dm-ioctl version 4.27.0.
# Udev is not running. Not using udev synchronisation code.
# Device-mapper backend running with UDEV support disabled.
# dm status sroot OF [16384] (*1)
# STDIN descriptor passphrase entry requested.
# Trying to open key slot 0 [ACTIVE_LAST].
# Reading key slot 0 area.
# Calculated device size is 250 sectors (RW), offset 8.
# DM-UUID is CRYPT-TEMP-temporary-cryptsetup-6389
# dm create temporary-cryptsetup-6389
CRYPT-TEMP-temporary-cryptsetup-6389 OF [16384] (*1)
# dm reload temporary-cryptsetup-6389 OFRW [16384] (*1)
# dm resume temporary-cryptsetup-6389 OFRW [16384] (*1)
# temporary-cryptsetup-6389: Stacking NODE_ADD (254,8) 0:6 0660
# temporary-cryptsetup-6389: Stacking NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-6389: Processing NODE_ADD (254,8) 0:6 0660
# Created /dev/mapper/temporary-cryptsetup-6389
# temporary-cryptsetup-6389: Processing NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-6389 (254:8): read ahead is 256
# temporary-cryptsetup-6389 (254:8): Setting read ahead to 256
# dm remove temporary-cryptsetup-6389 OFT [16384] (*1)
# temporary-cryptsetup-6389: Stacking NODE_DEL
# temporary-cryptsetup-6389: Processing NODE_DEL
# Removed /dev/mapper/temporary-cryptsetup-6389
Key slot 0 unlocked.
# Calculated device size is 1933578240 sectors (RW), offset 4096.
# DM-UUID is CRYPT-LUKS1-2ca6c98f2a90421ebc33d686fb4c2811-sroot
# dm create sroot CRYPT-LUKS1-2ca6c98f2a90421ebc33d686fb4c2811-sroot
OF [16384] (*1)
# dm reload sroot OFW [16384] (*1)
[ 539.319314] bio: create slab <bio-0> at 0
# dm resume sroot OFW [16384] (*1)
# sroot: Stacking NODE_ADD (254,8) 0:6 0660
# sroot: Stacking NODE_READ_AHEAD 256 (flags=1)
# sroot: Processing NODE_ADD (254,8) 0:6 0660
# Created /dev/mapper/sroot
# sroot: Processing NODE_READ_AHEAD 256 (flags=1)
# sroot (254:8): read ahead is 256
# sroot (254:8): Setting read ahead to 256
# Releasing crypt device /dev/vg0/root context.
# Releasing device-mapper backend.
# Unlocking memory.
Command successful.
is this some error in cryptsetup/gcrypt or just simply my fault?
thanks for your answers!
ps.: sorry for my bad english :(
--
Csaba Vasas
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt