From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wg0-x22e.google.com (mail-wg0-x22e.google.com [IPv6:2a00:1450:400c:c00::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Thu, 7 Aug 2014 06:16:49 +0200 (CEST) Received: by mail-wg0-f46.google.com with SMTP id m15so3514217wgh.29 for ; Wed, 06 Aug 2014 21:16:48 -0700 (PDT) Message-ID: <53E2FDAD.8080603@gmail.com> Date: Thu, 07 Aug 2014 06:16:45 +0200 From: Milan Broz MIME-Version: 1.0 References: In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] luks header on initramfs img List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: hgabreu@gmail.com, dm-crypt@saout.de On 08/07/2014 03:09 AM, Henrique Abreu wrote: > I use to have a setup with luks header on a separate file, as describe here: > https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Encrypted_system_using_a_remote_LUKS_header > > But since update from 1.6.4 to 1.6.5 it doesn't work anymore. It just keeps asking for the passphrase on and on without any error messages. > > I noticed that, if I mount a usb drive and move the header from memory to the drive, then attempt to open again with the exact same command (below) it works: > # cryptsetup open --header header.img --type luks /dev/sda4 lvm > > So, the difference is just where the header.img file is placed. For now, I have downgraded back to 1.6.4 to keep my boot setup simpler. > I rather use the header image inside initramfs if possible instead of having to mount a usb at boot just to read the header. > > Does anyone know if that's intended for not working anymore or if it's a bug? There is no reason this should not work. (It could be bug elsewhere as well, 1.6.5 already uncovered 2 kernel bugs...) Can you paste debug output from the failing command? (Add --debug option.) Thanks, Milan