From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9ySUXnOU9beJ for ; Fri, 10 Feb 2012 22:05:09 +0100 (CET) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mail.saout.de (Postfix) with ESMTP for ; Fri, 10 Feb 2012 22:05:08 +0100 (CET) Message-ID: <4F358681.9060506@redhat.com> Date: Fri, 10 Feb 2012 22:05:05 +0100 From: Milan Broz MIME-Version: 1.0 References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] Unlocking volume using master key List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: anirudh takkallapally Cc: dm-crypt@saout.de On 02/10/2012 09:11 PM, anirudh takkallapally wrote: > My question over here is How do we unlock an encrypted volume using the Master > key? this is without having to add a new passphrase. Hm, this is interesting... it is possible through libcryptsetup API, but cryptsetup CLI allows using --master-key-file only in luksFormat and luksAddKey. It should be easy to add, if you can add issue on project page I will add it to next version (for luksOpen). For now, I think the only "simple" shell solution is to not only store master key, but whole mapping table "dmsetup table --showkeys" and activate volume using dmsetup create --table "" (bypass LUKS completely - can be dangerous if wrongly used). (in mapping table you can replace device to path to snapshot) It is not ideal solution though... Milan