From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id or81USClCCWn for ; Tue, 19 Jun 2012 13:26:35 +0200 (CEST) Received: from mail-wi0-f178.google.com (mail-wi0-f178.google.com [209.85.212.178]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Tue, 19 Jun 2012 13:26:35 +0200 (CEST) Received: by wibhn6 with SMTP id hn6so3146980wib.1 for ; Tue, 19 Jun 2012 04:26:35 -0700 (PDT) Message-ID: <4FE061DE.5080200@gmail.com> Date: Tue, 19 Jun 2012 13:26:22 +0200 From: Milan Broz MIME-Version: 1.0 References: <4FE05A32.9010402@gresille.org> In-Reply-To: <4FE05A32.9010402@gresille.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] Option "validate passphrase" for command cryptsetup List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Louis Cc: dm-crypt@saout.de On 06/19/2012 12:53 PM, Louis wrote: > Hello, > for information, I wrote a small C program to check if the given > passphrase is correct, without doing anything on the disk. The command > is used this way: > If you think it can benefit cryptsetup, I offer to write the necessary > patch to include it to cryptsetup (as a "luksValidateKey" LUKS action). Special program or command is IMHO overkill, isn't enough just to add option to cryptsetup luksOpen (--dry-run, --no-activate, whatever you prefer)? So it will work just like # cryptsetup luksOpen /dev/sdc anything --dry-run --verbose Enter passphrase for /dev/sdc: No key available with this passphrase. Enter passphrase for /dev/sdc: Key slot 0 unlocked. Command successful. Trivial to add to code... (while I am doing another RC today, it can be done today even ;-) Milan