Howto add a passphrase to encrypted volume using LUKS<\/p>\n
From the manpage CRYPTSETUP(8)<\/p>\n
Find a free slot for your new passphrase<\/p>\n Key Slot 2 is available<\/p>\n Check with cryptsetup To delete a passphrase use the luksKillSlot<\/p>\n Deleting the newly added key (Key Slot 2)<\/p>\n Check with cryptsetup Howto add a passphrase to encrypted volume using LUKS From the manpage CRYPTSETUP(8) LUKS,\u00a0 Linux Unified Key Setup, is a standard for hard disk encryption. It standardizes a partition header, as well as the format of the bulk data. LUKS … Continue reading LUKS,\u00a0 Linux Unified Key Setup, is a standard for hard disk encryption. It standardizes a partition header, as well as the format of the bulk data. LUKS can manage\u00a0 multiple\u00a0 passwords,\u00a0 that can be revoked effectively and that are protected against dictionary attacks with PBKDF2.<\/code><\/p>\nroot@d410:\/# cryptsetup luksDump \/dev\/sda5<\/strong><\/code>
\nLUKS header information for \/dev\/sda5
\nVersion: 1
\nCipher name: aes
\nCipher mode: cbc-essiv:sha256
\nHash spec: sha1
\nPayload offset: 2056
\nMK bits: 256
\nMK digest: 21 d9 81 23 41 ce ed 02 eb b6 6d ab 7b 11 09 14 79
\nMK salt: 81 67 8f 42 ba 90 73 db 5c 92 e0 d9 b0 e4 f8 75 e0 30 61 49 9f 8a 21 3e 50 28 1f 33 58 1b 87
\nMK iterations: 18125
\nUUID: 9b250a8f-3dab-4162-8e1f-5bf7945e9fa0
\n<\/code>
\nKey Slot 0: ENABLED
\nIterations: 74344
\nSalt: b4 ab 33 6b 82 31 ee ef 02 hb b6 b0 e4 f8 75 c1
\nb7 d4 0b 5d 93 11 40 65 7a 2f 18 d6 ee fd b6 d3
\nKey material offset: 8
\nAF stripes: 4000
\nKey Slot 1: ENABLED
\nIterations: 74751
\nSalt: 5c 92 e0 d9 ec f4 3a 21 42 39 fe 4a 47 52 29 19
\n85 7e 93 c1 c9 dd 9f 8a 2e 3d 54 24 1f 30 2f ea
\nKey material offset: 264
\nAF stripes: 4000
\nKey Slot 2: DISABLED
\nKey Slot 3: DISABLED
\nKey Slot 4: DISABLED
\nKey Slot 5: DISABLED
\nKey Slot 6: DISABLED
\nKey Slot 7: DISABLED<\/code><\/p>\nroot@d410# cryptsetup -y luksAddKey \/dev\/sda5 --key-slot=2<\/strong>
\nEnter any passphrase: <enter an existing passphrase<\/strong>>
\nVerify passphrase: <enter the same passphrase as above<\/strong>>
\nEnter new passphrase for key slot: <enter a new passphrase<\/strong>>
\nVerify passphrase: <repeat the new passphrase><\/strong><\/code><\/p>\n
\nroot@d410:\/# cryptsetup luksDump \/dev\/sda5<\/strong><\/code>
\n<snip><\/em>
\nKey Slot 2: ENABLED
\nIterations: 73322
\nSalt: 6b e2 3c 31 19 f3 ad 74 43 52 11 91 f4 68 dd f2
\n49 7f 65 32 54 40 a7 71 1c 1a 4c fe 15 25 56 cb
\nKey material offset: 520
\nAF stripes: 4000
\n <\/snip><\/em><\/code><\/p>\nroot@d410:\/# cryptsetup luksKillSlot \/dev\/sda5 2<\/strong>
\nEnter any remaining LUKS passphrase: <enter an existing passphrase<\/strong>>
\n<\/code><\/p>\n
\nroot@d410:\/# cryptsetup luksDump \/dev\/sda5<\/strong><\/code>
\n <snip><\/em>
\nKey Slot 2: DISABLED
\n <\/snip><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"