From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jonas@freesources.org>
Received: from mail.saout.de ([127.0.0.1])
 by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id e9SdyVlAeW18 for <dm-crypt@saout.de>;
 Mon, 31 Oct 2011 23:41:02 +0100 (CET)
Received: from mail01.freesources.org (mail01.freesources.org [80.237.252.149])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.saout.de (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Mon, 31 Oct 2011 23:41:02 +0100 (CET)
Received: from ip-94-79-161-2.unitymediagroup.de ([94.79.161.2]
 helo=[192.168.0.104])
 by mail01.freesources.org with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.69) (envelope-from <jonas@freesources.org>)
 id 1RL0XM-0005KG-IV
 for dm-crypt@saout.de; Mon, 31 Oct 2011 22:41:02 +0000
Message-ID: <4EAF23FB.9020008@freesources.org>
Date: Mon, 31 Oct 2011 23:40:59 +0100
From: Jonas Meurer <jonas@freesources.org>
MIME-Version: 1.0
References: <CAP8O3oPrQ69b+p9QeUOgOumL4LSovQJQffWNR_SZskF-UaJ18g@mail.gmail.com>
 <1319817228.19412.36.camel@localhost.localdomain>
 <20111028160300.GA26111@tansi.org>
 <CAP8O3oN0vb+gpgRPMS06q0qrih9ouPJBgSguotS6LxYxip1=ew@mail.gmail.com>
 <20111028162428.GA26437@tansi.org>
 <CAP8O3oNRuobd+7+4Ttm9p=KXvO8e45X_VrLQtV2A+qUL_=1DOQ@mail.gmail.com>
 <20111028172044.GA1850@fancy-poultry.org>
 <CAP8O3oOo8Xw-o8MhHMbN-PPpscuKdtu_rP3S-su8sjem-1PmUA@mail.gmail.com>
 <20111029074352.GA6320@tansi.org>
 <CAP8O3oPX0Mwc+hMRfVKDqwjPpMquH=dDCLpL-Wc2awFM6EscJA@mail.gmail.com>
 <20111030173230.GA31497@tansi.org>
 <CAP8O3oMseYV46HOg1Uu3L7hb3NFZWf-j10cCqyHUki4K-Ns2Sw@mail.gmail.com>
 <4EADCEF5.2070405@freesources.org>
 <CAP8O3oNnSWO2q5-97XkcpxE-FK7nyyTF1YSSWCf+F+crpr2pEw@mail.gmail.com>
In-Reply-To: <CAP8O3oNnSWO2q5-97XkcpxE-FK7nyyTF1YSSWCf+F+crpr2pEw@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [dm-crypt] please HELP - can't acces encrypted LVM after linux
 reinstallation.
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 31.10.2011 01:30, schrieb Aleksander Swirski:
> I'm pretty sure this warning is only displayed when someone decides
> to create new crypto on some partition or fill encrypted device
> with random data in the next step after setting the password. but
> just setting the password on an existing device makes data unusable
> without warning. when the partitioning is finished there is a list
> of partitions that will be wiped out, and also, during my
> installation crypto-deviced and /home inside LVM was not listed
> there, but already lost few clicks earlier.

I'm not sure what you mean by 'setting the password on an existing
device'. Last time I checked, the Debian Installer didn't support to
unlock and integrate existing encrypted partitions. You needed to do
this manually on the console. Thus, there was no way to set the
password for an existing device.

I'm pretty sure that you did what you called to 'create new crypto on
some partition'.

Nevertheless, in case that no warning was displayed to you, this
clearly should be considered as a bug.

> i understand that it wasn't taken into consideration that someone
> can attach existing encrypted device, but only that a new one will
> be created. this is inconsistent with how it goes with unencrypted 
> partitions, where you can reattach them without formatting and keep
> your data. so i guess with encrypted partition this should also
> work that way. or maybe i miss the point? i will try to make the
> whole scenario clear, and then send my proposition, to
> debian-boot@lists.debian.org <mailto:debian-boot@lists.debian.org>

Yes, support for using existing encrypted devices is not added to the
installer yet. At least, there's a bugreport[1] with a patch. This
might be a useful starting point in case you want to work on adding
this feature.

Greetings,
 jonas

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451535
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJOryP1AAoJEFJi5/9JEEn+s8kP/2A/ws7Dbo/rUZPY/WmFR/tx
a73AmY/AWf65ouQV89d2+cwF0587UUOFKEOm/6ZOQG8NS5Jwep/co35lSk2s7alZ
uT71R2UELFs8gkDswyBLuzq3UplISiBCZJWWJtRp/5ElYGhQ1B0ylGv3MVcfOxCh
843fmzYNr6YgJFfL960uWoRRNjGQ6C7+a/hbjkJ/ANDnv5/+cSASbSk9cjdPwJh8
sKFzTOy874sUs9rFTQlCSW7sdaNlG9WnTcIrrLJi5MRqsDA48cNbtvpexUzZOw4P
OAeIlPfMliqBlGgs6df5ChFzd3ho+gKl3drowypHa7NMXKuA0AKoRhAEMA93b1LM
ZIWQLn76aOo8+3VxBGzLZ4jr5fXI4/7ikSGPheElOdidFSq3ZHJVVo6Qzvkyn5L+
XwNf/bB9VIo5XnE88TulDPsCyAOn4wNQIGkikt6LmAvXDAA8OuRUSYKxRAxfFZHm
Qw8MTt5EnJO6rox6LcfuM52H5mFbpZsQONhTVqs6lCjj3aSuaS2UKD7u+3vnuH1L
mGnOVLIQP8o65bjE8/twNelSJRCbIdjltxvs3X60WbknfdMaj97jASBf7bolVCCk
rIYw9W644aAihCBz5B/8svjXGN3FuQdvuedrmCUkcFdmPacNDDzcKvDmF063JvdD
P+r8MM78XAqOjpROebnR
=tlhe
-----END PGP SIGNATURE-----