From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mail.saout.de (Postfix) with ESMTP for ; Wed, 9 Mar 2011 11:27:09 +0100 (CET) Message-ID: <4D7755F9.2070709@redhat.com> Date: Wed, 09 Mar 2011 11:27:05 +0100 From: Milan Broz MIME-Version: 1.0 References: <4D76E1FE.8030509@gmail.com> In-Reply-To: <4D76E1FE.8030509@gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] Major Problem with luksAddKey List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Rookcifer Cc: dm-crypt@saout.de On 03/09/2011 03:12 AM, Rookcifer wrote: > I am using LUKS/dm-crypt to encrypt a storage drive I have (sdb). I > wanted to change the LUKS passphrase on this volume, so I ran the > following command: > > cryptsetup luksAddKey /dev/sdb1 > > I was prompted for my passphrase and slot 0 was unlocked. Then I went > to enter the new passphrases, so I entered it and was asked to verify. > I entered it again. It gave me a prompt that the passwords did not > match. No big deal, right? I must have mistyped. So I went through > the process again, but this time I was not able to unlock the master > key! I am now locked out of my volume completely and I have no idea > what to do. > > Is this a bug or did I do something wrong? I should not be locked out > of my volume after failing to change the pass phrase! Of course it should work. But you have not specified important info: cryptsetup version? cryptsetup with the --debug output? which distro? some erors in syslog? (io errors?) if it is broken now, also luksDump of the partition. cryptsetup should never touch original keyslot area, so even if adding new fails, the old must always stay the same. Milan