> On Wednesday 02 September 2009 19:20:47 Ariel Laganá wrote: >> I have lenny installed on a PC in which I'm trying to use an >> encrypted swap partition with LUKS, but I want to use a keyfile >> instead of a passphrase to unlock it. >> >> I've created a 256bits random key: >> >> dd if=/dev/urandom of=/root/swapcrypt bs=1 count=256 >> >> But when I try to format the partition and set the default keyfile, >> the --key-file parameter is ignored and I'm asked for a passphrase. >> This is how I'm doing it (sda2 is my swap partition): >> >> cryptsetup luksFormat /dev/sda2 --key-file=/root/swapcrypt >> --key-slot=0 >> >> Am I missing something or is there anything I'm doing wrong? > > > Please take a look into the cryptsetup manpage to find the following: > > cryptsetup <options> <action> <action args> > > and > > luksFormat <device> [<key file>] > > initializes a LUKS partition and sets the initial key, either > via prompting or via <key file>. <options> can be [--cipher, > --verify-passphrase, --key-size, --key-slot]. >
That was it, the same thing when adding a keyfile to an existing encrypted partition with luksAddKey. It seems in Debian the --key-file= option it's only needed when opening the encrypted partition (luksOpen). Thanks!!!
signature.asc
Description: OpenPGP digital signature
