If this is a non-LUKS mapping, the problem is this: a non-LUKS mapping makes a mapping with whatever passphrase you supply-and whatever key the hash yields.
Only the mapping with the RIGHT key yields a mountable filesystem or any meaningful data from the cipherdata, but all the possible mapping are equally valid for a non-LUKS mapping as far as cryptsetup is concerned. Proof of this is to set up and mount a non-Luks mapping and add test data. now unmount, remove the mapping and make a new mapping with a new passphrase. you cannot mount it, but you CAN make a new filesystem on it, overwriting the old! This proves that cryptsetup regards each mapping as as valid as the old. To fix this for a non-LUKS mapping would require calling both cryptsetup and mount inside a single script that would re-call cryptsetup if mount fails, in the process recalling the passphrase dialog as well. Best fix: use a LUKS mapping-a bad passphrase means NO mapping-and cryptsetup will ask you for the passphrase again. Bug report #55159 details a different problem in Jaunty: Now cryptsetup will re-prompt for a bad passphrase in LUKS-but echoes every try to the console! You can fix that with the patch I uploaded (SECOND version if non-LUKS compatability needed!). A bad passphrase will then stop the boot in LUKS, waiting silently without prompting again, for you to get the passphrase right or run out of tries. Then booting resumes, with the encrypted partition if you got the right passphrase or without it if you ran out of tries. In a non-LUKS mapping, one bad passphrase and boot still continues without the encrypted partition, as mentioned above and for the same reasons. LUKS is probably the best patch for that problem-and it's far more secure as it armored passphrases against dictionary attacks and uses an essiv-IV mapping to defeat watermark attacks by default. If you want a 256 bit key, though, you DO have to specify it during luksFormat. -- cryptdisks-early fails to re-prompt if passphrase is incorrect https://bugs.launchpad.net/bugs/260462 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
