I had a similar question on my list. This would be a good one for the revised FAQ. Q: What is the size of the LUKS2 header? A: the LUKS header size is configurable. 16MB is the default size. It can be changed by ..... Q: Does all metadata exist in the header? Can I be sure that there is no LUKS metadata somewhere in the middle or in the end of the drive? A: Yes, all LUKS metadata is stored in the LUKS heaer. (Most of the area is reserved for keyslots, used in online reencryption.) There is a small exception if you use experimental integrity protection (authenticated encryption) where dm-crypt is stacked over dm-integrity device. In that case there is a dm-integrity superblock at the beginning of data area which contains only configuration of dm-integrity metadata. No LUKS metadata is stored in this location. The superblock is required by the kernel dm-integrity implementation. _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx https://www.saout.de/mailman/listinfo/dm-crypt
