From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from server.dwo.hu (mail.dwo.hu [195.184.10.62]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Wed, 27 Aug 2014 08:00:05 +0200 (CEST) Received: from 4e5c4d15.dsl.pool.telekom.hu ([78.92.77.21] helo=[192.168.2.101]) by server.dwo.hu with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.77) (envelope-from ) id 1XMVpA-0001Gd-VQ for dm-crypt@saout.de; Wed, 27 Aug 2014 07:31:13 +0200 Message-ID: <53FD6D1F.40307@dwo.hu> Date: Wed, 27 Aug 2014 07:31:11 +0200 From: Vasas Csaba MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-2; format=flowed Content-Transfer-Encoding: 7bit Subject: [dm-crypt] cryptsetup 1.6.6: No key available with this passphrase. List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de hi there! i use luks encryption with gpg encrypted key, which nicely works cryptsetup 1.6.1/gcrypt 1.5.3 but doesn't works with cryptsetup 1.6.6/gcrypt 1.6.1 here is the debug message from cryptsetup 1.6.6/gcrypt 1.6.1: # cryptsetup 1.6.6 processing "cryptsetup --key-file=- luksOpen /dev/vg0/root sroot --debug" # Running command open. # Locking memory. # Installing SIGINT/SIGTERM handler. # Unblocking interruption on signal. # Allocating crypt device /dev/vg0/root context. # Trying to open and read device /dev/vg0/root. # Initialising device-mapper backend library. # Trying to load LUKS1 crypt type from device /dev/vg0/root. # Crypto backend (gcrypt 1.6.1) initialized. # Detected kernel Linux 3.14-2-rt-amd64 x86_64. # Reading LUKS header of size 1024 from device /dev/vg0/root # Key length 32, device size 1933582336 sectors, header size 2050 sectors. # Timeout set to 0 miliseconds. # Password retry count set to 3. # Password verification disabled. # Iteration time set to 1000 miliseconds. # Password retry count set to 1. # Activating volume sroot [keyslot -1] using keyfile -. # dm version OF [16384] (*1) # dm versions OF [16384] (*1) # Detected dm-crypt version 1.13.0, dm-ioctl version 4.27.0. # Device-mapper backend running with UDEV support enabled. # dm status sroot OF [16384] (*1) # STDIN descriptor passphrase entry requested. # Trying to open key slot 0 [ACTIVE_LAST]. # Reading key slot 0 area. # Using userspace crypto wrapper to access keyslot area. # Trying to open key slot 1 [INACTIVE]. # Trying to open key slot 2 [INACTIVE]. # Trying to open key slot 3 [INACTIVE]. # Trying to open key slot 4 [INACTIVE]. # Trying to open key slot 5 [INACTIVE]. # Trying to open key slot 6 [INACTIVE]. # Trying to open key slot 7 [INACTIVE]. No key available with this passphrase. # Releasing crypt device /dev/vg0/root context. # Releasing device-mapper backend. # Unlocking memory. Command failed with code 1: No key available with this passphrase. and here is the debug message from cryptsetup 1.6.1/gcrypt 1.5.3 # cryptsetup 1.6.1 processing "cryptsetup --key-file=- luksOpen /dev/vg0/root sroot --debug" # Running command open. # Locking memory. # Installing SIGINT/SIGTERM handler. # Unblocking interruption on signal. # Allocating crypt device /dev/vg0/root context. # Trying to open and read device /dev/vg0/root. # Initialising device-mapper backend library. # Trying to load LUKS1 crypt type from device /dev/vg0/root. # Crypto backend (gcrypt 1.5.3) initialized. # Reading LUKS header of size 1024 from device /dev/vg0/root # Key length 32, device size 1933582336 sectors, header size 2050 sectors. # Timeout set to 0 miliseconds. # Password retry count set to 3. # Password verification disabled. # Iteration time set to 1000 miliseconds. # Password retry count set to 1. # Activating volume sroot [keyslot -1] using keyfile -. # dm version OF [16384] (*1) # dm versions OF [16384] (*1) # Detected dm-crypt version 1.13.0, dm-ioctl version 4.27.0. # Udev is not running. Not using udev synchronisation code. # Device-mapper backend running with UDEV support disabled. # dm status sroot OF [16384] (*1) # STDIN descriptor passphrase entry requested. # Trying to open key slot 0 [ACTIVE_LAST]. # Reading key slot 0 area. # Calculated device size is 250 sectors (RW), offset 8. # DM-UUID is CRYPT-TEMP-temporary-cryptsetup-6389 # dm create temporary-cryptsetup-6389 CRYPT-TEMP-temporary-cryptsetup-6389 OF [16384] (*1) # dm reload temporary-cryptsetup-6389 OFRW [16384] (*1) # dm resume temporary-cryptsetup-6389 OFRW [16384] (*1) # temporary-cryptsetup-6389: Stacking NODE_ADD (254,8) 0:6 0660 # temporary-cryptsetup-6389: Stacking NODE_READ_AHEAD 256 (flags=1) # temporary-cryptsetup-6389: Processing NODE_ADD (254,8) 0:6 0660 # Created /dev/mapper/temporary-cryptsetup-6389 # temporary-cryptsetup-6389: Processing NODE_READ_AHEAD 256 (flags=1) # temporary-cryptsetup-6389 (254:8): read ahead is 256 # temporary-cryptsetup-6389 (254:8): Setting read ahead to 256 # dm remove temporary-cryptsetup-6389 OFT [16384] (*1) # temporary-cryptsetup-6389: Stacking NODE_DEL # temporary-cryptsetup-6389: Processing NODE_DEL # Removed /dev/mapper/temporary-cryptsetup-6389 Key slot 0 unlocked. # Calculated device size is 1933578240 sectors (RW), offset 4096. # DM-UUID is CRYPT-LUKS1-2ca6c98f2a90421ebc33d686fb4c2811-sroot # dm create sroot CRYPT-LUKS1-2ca6c98f2a90421ebc33d686fb4c2811-sroot OF [16384] (*1) # dm reload sroot OFW [16384] (*1) [ 539.319314] bio: create slab at 0 # dm resume sroot OFW [16384] (*1) # sroot: Stacking NODE_ADD (254,8) 0:6 0660 # sroot: Stacking NODE_READ_AHEAD 256 (flags=1) # sroot: Processing NODE_ADD (254,8) 0:6 0660 # Created /dev/mapper/sroot # sroot: Processing NODE_READ_AHEAD 256 (flags=1) # sroot (254:8): read ahead is 256 # sroot (254:8): Setting read ahead to 256 # Releasing crypt device /dev/vg0/root context. # Releasing device-mapper backend. # Unlocking memory. Command successful. is this some error in cryptsetup/gcrypt or just simply my fault? thanks for your answers! ps.: sorry for my bad english :( -- Csaba Vasas