[dm-crypt] cryptsetup 1.6.6: No key available with this passphrase.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Vasas Csaba <vcsaba@dwo.hu>
To: dm-crypt@saout.de
Subject: [dm-crypt] cryptsetup 1.6.6: No key available with this passphrase.
Date: Wed, 27 Aug 2014 07:31:11 +0200	[thread overview]
Message-ID: <53FD6D1F.40307@dwo.hu> (raw)

hi there!

i use luks encryption with gpg encrypted key, which nicely works 
cryptsetup 1.6.1/gcrypt 1.5.3 but doesn't works with cryptsetup 
1.6.6/gcrypt 1.6.1

here is the debug message from cryptsetup 1.6.6/gcrypt 1.6.1:
# cryptsetup 1.6.6 processing "cryptsetup --key-file=- luksOpen 
/dev/vg0/root sroot --debug"
# Running command open.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating crypt device /dev/vg0/root context.
# Trying to open and read device /dev/vg0/root.
# Initialising device-mapper backend library.
# Trying to load LUKS1 crypt type from device /dev/vg0/root.
# Crypto backend (gcrypt 1.6.1) initialized.
# Detected kernel Linux 3.14-2-rt-amd64 x86_64.
# Reading LUKS header of size 1024 from device /dev/vg0/root
# Key length 32, device size 1933582336 sectors, header size 2050 sectors.
# Timeout set to 0 miliseconds.
# Password retry count set to 3.
# Password verification disabled.
# Iteration time set to 1000 miliseconds.
# Password retry count set to 1.
# Activating volume sroot [keyslot -1] using keyfile -.
# dm version   OF   [16384] (*1)
# dm versions   OF   [16384] (*1)
# Detected dm-crypt version 1.13.0, dm-ioctl version 4.27.0.
# Device-mapper backend running with UDEV support enabled.
# dm status sroot  OF   [16384] (*1)
# STDIN descriptor passphrase entry requested.
# Trying to open key slot 0 [ACTIVE_LAST].
# Reading key slot 0 area.
# Using userspace crypto wrapper to access keyslot area.
# Trying to open key slot 1 [INACTIVE].
# Trying to open key slot 2 [INACTIVE].
# Trying to open key slot 3 [INACTIVE].
# Trying to open key slot 4 [INACTIVE].
# Trying to open key slot 5 [INACTIVE].
# Trying to open key slot 6 [INACTIVE].
# Trying to open key slot 7 [INACTIVE].
No key available with this passphrase.
# Releasing crypt device /dev/vg0/root context.
# Releasing device-mapper backend.
# Unlocking memory.
Command failed with code 1: No key available with this passphrase.

and here is the debug message from cryptsetup 1.6.1/gcrypt 1.5.3
# cryptsetup 1.6.1 processing "cryptsetup --key-file=- luksOpen 
/dev/vg0/root sroot --debug"
# Running command open.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating crypt device /dev/vg0/root context.
# Trying to open and read device /dev/vg0/root.
# Initialising device-mapper backend library.
# Trying to load LUKS1 crypt type from device /dev/vg0/root.
# Crypto backend (gcrypt 1.5.3) initialized.
# Reading LUKS header of size 1024 from device /dev/vg0/root
# Key length 32, device size 1933582336 sectors, header size 2050 sectors.
# Timeout set to 0 miliseconds.
# Password retry count set to 3.
# Password verification disabled.
# Iteration time set to 1000 miliseconds.
# Password retry count set to 1.
# Activating volume sroot [keyslot -1] using keyfile -.
# dm version   OF   [16384] (*1)
# dm versions   OF   [16384] (*1)
# Detected dm-crypt version 1.13.0, dm-ioctl version 4.27.0.
# Udev is not running. Not using udev synchronisation code.
# Device-mapper backend running with UDEV support disabled.
# dm status sroot  OF   [16384] (*1)
# STDIN descriptor passphrase entry requested.
# Trying to open key slot 0 [ACTIVE_LAST].
# Reading key slot 0 area.
# Calculated device size is 250 sectors (RW), offset 8.
# DM-UUID is CRYPT-TEMP-temporary-cryptsetup-6389
# dm create temporary-cryptsetup-6389 
CRYPT-TEMP-temporary-cryptsetup-6389 OF   [16384] (*1)
# dm reload temporary-cryptsetup-6389  OFRW    [16384] (*1)
# dm resume temporary-cryptsetup-6389  OFRW    [16384] (*1)
# temporary-cryptsetup-6389: Stacking NODE_ADD (254,8) 0:6 0660
# temporary-cryptsetup-6389: Stacking NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-6389: Processing NODE_ADD (254,8) 0:6 0660
# Created /dev/mapper/temporary-cryptsetup-6389
# temporary-cryptsetup-6389: Processing NODE_READ_AHEAD 256 (flags=1)
# temporary-cryptsetup-6389 (254:8): read ahead is 256
# temporary-cryptsetup-6389 (254:8): Setting read ahead to 256
# dm remove temporary-cryptsetup-6389  OFT    [16384] (*1)
# temporary-cryptsetup-6389: Stacking NODE_DEL
# temporary-cryptsetup-6389: Processing NODE_DEL
# Removed /dev/mapper/temporary-cryptsetup-6389
Key slot 0 unlocked.
# Calculated device size is 1933578240 sectors (RW), offset 4096.
# DM-UUID is CRYPT-LUKS1-2ca6c98f2a90421ebc33d686fb4c2811-sroot
# dm create sroot CRYPT-LUKS1-2ca6c98f2a90421ebc33d686fb4c2811-sroot 
OF   [16384] (*1)
# dm reload sroot  OFW    [16384] (*1)
[  539.319314] bio: create slab <bio-0> at 0
# dm resume sroot  OFW    [16384] (*1)
# sroot: Stacking NODE_ADD (254,8) 0:6 0660
# sroot: Stacking NODE_READ_AHEAD 256 (flags=1)
# sroot: Processing NODE_ADD (254,8) 0:6 0660
# Created /dev/mapper/sroot
# sroot: Processing NODE_READ_AHEAD 256 (flags=1)
# sroot (254:8): read ahead is 256
# sroot (254:8): Setting read ahead to 256
# Releasing crypt device /dev/vg0/root context.
# Releasing device-mapper backend.
# Unlocking memory.
Command successful.

is this some error in cryptsetup/gcrypt or just simply my fault?

thanks for your answers!

ps.: sorry for my bad english :(

-- 
Csaba Vasas

next             reply	other threads:[~2014-08-27  6:00 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-08-27  5:31 Vasas Csaba [this message]
2014-08-27  7:00 ` [dm-crypt] cryptsetup 1.6.6: No key available with this passphrase Milan Broz
2014-08-27 14:34   ` Vasas Csaba
2014-08-27 15:28     ` Matthias Schniedermeyer
2014-08-27 16:35       ` Vasas Csaba

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=53FD6D1F.40307@dwo.hu \
    --to=vcsaba@dwo.hu \
    --cc=dm-crypt@saout.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.