LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 11-13-2013, 05:45 AM   #1
diarmuidmcd
LQ Newbie
 
Registered: Nov 2005
Distribution: Slackware 14.1
Posts: 2

Rep: Reputation: 0
14.1 - Encrypted LVM - Password Length Problems


Hi Guys

I seem to have stumbled across a problem with cryptsetup and encrypted LVM's for FDE..

Normally, since 13.0 at any rate, I set up my disk with a 500 MB boot partition and the balance as 8e (Linux LVM) and follow README_CRYPT.txt to the letter..

My password is about 25 char long and I can unlock the encrypted LVM during the setup.. However, after setup has completed, and I reboot into the installed system, the password is not accepted at the cryptsetup prompt generated by the initrd.. it says that no key is available..

My initrd is created using the following command:

mkinitrd -c -k 3.10.17 -m ext4 -f ext4 -r /dev/vg_athena/lv_root -C /dev/sda2 -L -l uk -h /dev/vg_athena/lv_swap

I use the UK keyboard during the setup and have confirmed (at least visually) that the initrd is setting it during the initial boot..

For pig iron, I added another, much shorter key to the crypt by rebooting the installer disk and using cryptsetup luksAddKey /dev/sda2. On reboot, the much shorter key was accepted without issue and unlocked the crypt partition!

Any ideas? This was not a problem in 14.0 as I have used the same password on the same hardware for a good while (bad form i know!)

Thanks in advance for the help..

Apologies for the rambling first post..

Diarmuid
 
Old 11-13-2013, 06:45 AM   #2
spat
LQ Newbie
 
Registered: Nov 2013
Posts: 1

Rep: Reputation: Disabled
I'll tag an observation to this if I may. I had a USB stick which opened my encrypted LVM with a longish keyfile (about 1kB alphanumeric) on 14.0 but the same keyfile now fails to open it after a fresh 14.1 install onto the same LVM. I then luksAddKey'd a short key (2 alphanumerics) by hand and that's what I'm typing when I boot at the moment, I've not gone back yet to see what went wrong.

mkinitrd -c -k 3.10.17 -m ext4 twofish -f ext4 -r /dev/zvg/root2 -C /dev/sda3 -l uk -L -K LABEL=SANDISK:/gorilla/zoostorm.luks -w 5

That's the same mkinitrd as I used on 14.0 except for the kernel version. The USB stick's unchanged.

If there is a key length issue then I'm in the right thread. If it isn't then I've no suggestion to diarmuidmcd beyond a mistrust of arcane characters in a password if the uk keyboard is inadvertently not declared at some stage.



eta: No, not a password length issue for me - I found http://blog.tpa.me.uk/2013/11/11/sla...yboard-issues/ and changed my mkinitrd to:

mkinitrd -c -k 3.10.17 -m ext4::jbd2:mbcache:ehci-pci:ehci-hcd:xhci-hcd:uhci-hcdhci-hcd:usbhid:hid_generic:hid:twofish -f ext4 -r /dev/zvg/root2 -C /dev/sda3 -l uk -L -K LABEL=SANDISK:/gorilla/zoostorm.luks -w 5

and my USB keyfile is now opening LUKS as it did on 14.0. I'm sure I can trim plenty from that string of modules.

Last edited by spat; 11-13-2013 at 08:06 AM.
 
1 members found this post helpful.
  


Reply

Tags
cryptsetup, encrypted partition, luks


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Shrink partition (LVM encrypted PVs + encrypted LVs) gedaj Linux - Newbie 2 05-22-2013 03:44 AM
Resizable encrypted LVM requiring just one password on boot (encrypted volume group)? Nyyr Linux - Software 9 01-24-2013 05:52 AM
Ubuntu 11.04 encrypted LVM password not working after user login password change prateekm21 Linux - Security 0 10-29-2011 01:20 PM
[SOLVED] Encrypted LVM Phorize Slackware 20 05-18-2011 04:30 PM
Encrypted LVM mashcaster Linux - Security 1 12-19-2008 11:17 AM


All times are GMT -5. The time now is 10:57 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration