On Mon, Oct 13, 2003 at 01:23:44PM +0100, Joe Thornber wrote: > On Mon, Oct 13, 2003 at 02:12:13PM +0200, jon@xxxxxxxxxxxxxxxxxx wrote: > > On Mon, Oct 13, 2003 at 01:04:20PM +0100, Joe Thornber wrote: [cut] > > What usualy is done is that the passphrase is used as a key to encrypt > > another key, which is stored encrypted at the disk. Then this other > > key is used to encrypt the data with. Thus when changing the passphrase > > all you do is reencrypting the key. This is almost done atomicaly. > > You can still do this with the current target, the encrypted key would > be stored in the LVM metadata, and passed into the target when the LV > is activated with the passphrase. true, but suppose that some people want to use device mapper without LVM for some particular reason ? JonB
