On Fri, Feb 15, 2008 at 10:42:26AM -0800, Andrew Sackville-West wrote: > I'm confused. Can you not just enter the passphrase for the encrypted > volume and unlock it? Or is there something I'm missing here that > likely applies to my own encrypted system... >
I don't know about LUKS, but cryptmount (which I use) first autogenerates the key, encrypts it with your passphrase and stores the result under /etc/cryptmount. So to mount an encrypted drive, the key in /etc/cryptmount is decrypted with your passphrase and then used to decrypt the actual data on the partition. So, yes, if you hose the keys in /etc/cryptmount there's no way to get back at your data. Which means you must backup those keys. But like I said, LUKS may work differently. --D.
signature.asc
Description: Digital signature
