Bug#418450: [Pkg-cryptsetup-devel] Bug#418450: cryptsetup: --key-file=- does not work as advertised

David Härdeman david at hardeman.nu
Thu Apr 12 20:08:19 UTC 2007


On Mon, Apr 09, 2007 at 09:45:42PM +0200, Marc Haber wrote:
>--key-file=- does not take a key from standard input:
>
>root at grml /mnt/hda1 # ./keyscript | cryptsetup -d - luksOpen /dev/hda5 hda5_crypt
>Command failed.
>root at grml /mnt/hda1 # ./keyscript | cryptsetup --key-file=- luksOpen /dev/hda5 hda5_crypt
>Command failed.
>root at grml /mnt/hda1 # ./keyscript | cryptsetup --key-file - luksOpen /dev/hda5 hda5_crypt
>Command failed.
>root at grml /mnt/hda1 # ./keyscript | cryptsetup luksOpen /dev/hda5 hda5_crypt
>key slot 0 unlocked.
>Command successful.
>root at grml /mnt/hda1 #

I'm guessing keyscript generates output which includes a newline which 
is not really part of the key?

austin:~# dd if=/dev/zero of=/test.img bs=1k count=1k
1024+0 records in
1024+0 records out
1048576 bytes (1.0 MB) copied, 0.00791454 seconds, 132 MB/s
austin:~# losetup -f /test.img 
austin:~# cryptsetup luksFormat /dev/loop0 

WARNING!
========
This will overwrite data on /dev/loop0 irrevocably.

Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase: test
Verify passphrase: test
Command successful.
austin:~# echo -n "test" | cryptsetup --key-file=- luksOpen /dev/loop0 test
key slot 0 unlocked.
Command successful.
austin:~# cryptsetup remove test
austin:~# echo "test" | cryptsetup luksOpen /dev/loop0 test
key slot 0 unlocked.
Command successful.
austin:~# cryptsetup remove test
austin:~# echo "test" | cryptsetup --key-file=- luksOpen /dev/loop0 test
Command failed.

-- 
David Härdeman





More information about the Pkg-cryptsetup-devel mailing list