From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lo.gmane.org (lo.gmane.org [80.91.229.12]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Tue, 25 Aug 2009 00:50:46 +0200 (CEST) Received: from list by lo.gmane.org with local (Exim 4.50) id 1MfiNB-0004Ap-Eq for dm-crypt@saout.de; Tue, 25 Aug 2009 00:50:45 +0200 Received: from port-87-193-186-180.static.qsc.de ([87.193.186.180]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 25 Aug 2009 00:50:45 +0200 Received: from thomas by port-87-193-186-180.static.qsc.de with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 25 Aug 2009 00:50:45 +0200 From: =?ISO-8859-15?Q?Thomas_B=E4chler?= Date: Tue, 25 Aug 2009 00:50:23 +0200 Message-ID: References: <20090824100211.5c162f1a@Computername> <4A92B7F9.7060102@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit In-Reply-To: <4A92B7F9.7060102@redhat.com> Sender: news Subject: Re: [dm-crypt] Broken header of a luks-partition - more than once List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de > spamzad@googlemail.com wrote: >> Something must have overwritten the header (posted it at the bottom) - >> and I have no clue what. >> That's exactly my question now: might it be a bug in cryptsetup or can >> i rule that out? I have been using LUKS for several years on three different devices and I have had many users using it for their (note|net)books. I have yet to hear any report of breakage from my users or experience it myself. Milan Broz schrieb: > But see crypttab here - you have tmp device created as regular encrypted device > with random key - are you sure that kernel _cannot_ swap sda & sdb and > your system just formats temp device here? > >> # >> home /dev/sdb2 none luks >> ctmp /dev/sda2 /dev/urandom >> tmp,cipher=aes-cbc-essiv:sha256 >> cswap /dev/sda5 /dev/urandom >> swap,cipher=aes-cbc-essiv:sha256 Milan is probably right here, device names on modern distributions are not deterministic! However, the underlying script should be careful not to the device under the random key mapping if it contains a valid filesystem. crypttab functionality is not part of cryptsetup, but part of your distribution. You should report this problem there.