From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <arbiel.perlacremaz@gmx.fr>
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22])
 (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mail.server123.net (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Thu, 25 Jun 2015 16:57:54 +0200 (CEST)
Received: from [192.168.43.166] ([80.215.167.105]) by mail.gmx.com (mrgmx101)
 with ESMTPSA (Nemesis) id 0LgdBZ-1YlSsu1lSv-00nyLd for
 <dm-crypt@saout.de>; Thu, 25 Jun 2015 16:57:53 +0200
Message-ID: <558C16DD.60809@gmx.fr>
Date: Thu, 25 Jun 2015 16:57:33 +0200
From: "Arbiel (gmx)" <arbiel.perlacremaz@gmx.fr>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="ERoG8OjFMTuPJKSs92eun2Bmw5iGLAqfJ"
Subject: [dm-crypt] Using a removable-device-recorded passphrase to decrypt
	a system
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--ERoG8OjFMTuPJKSs92eun2Bmw5iGLAqfJ
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi

I decided to use a 512-byte randomly generated passphrase to crypt my
system partition. I recorded this passphrase on a removable device (USB
key) and correctly wrote the crypttab and fstab files and updated my
initrd.img for all this to work.

I am anxious now to replicate my passphrase on additionnal USB keys, in
case my primary USB key get lost or damaged.

For some reasons, I cannot name all partitions where my passphrase will
be recorded with a unique label.

I tried to write several lines in the crypttab file for defining as many
passphrase locations as necessary such as
root UUID=3Duuid /dev/disk/by-label/USBkey1/passphrase:x
luks,keyscript=3D/lib/cryptsetup/scripts/passdev
root UUID=3Duuid /dev/disk/by-label/USBkey2/passphrase:x
luks,keyscript=3D/lib/cryptsetup/scripts/passdev
and so on, but this does not work.

I thank in advance anybody who can advise me on how to solve this issue.

Arbiel


--ERoG8OjFMTuPJKSs92eun2Bmw5iGLAqfJ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iF4EAREIAAYFAlWMFusACgkQG6j+1Sdg4KsuEgD/WudDVs2Q7aqwNAXMqwnSox1/
0jAoSeTBt0ju1kUKmf0A/3igcZD5MbiR/skNOjI/oU4nzeuxB0Wv5nGqyFE0bB6C
=UsX6
-----END PGP SIGNATURE-----

--ERoG8OjFMTuPJKSs92eun2Bmw5iGLAqfJ--