[pkg-cryptsetup-devel] Bug#529359: cryptsetup: using an invalid passphrase or image "luksOpen" fails but "create" succeeds (incoherent behaviour)

Nahuel Greco ngreco at gmail.com
Mon May 18 20:22:09 UTC 2009 

Package: cryptsetup
Version: 2:1.0.6-7
Severity: minor

When you try to create a mapping using an invalid passphrase or a non-LUKS source image, "create" 
succeeds without giving any warning/error and the mapping is created. This behaviour is 
incoherent with the "luksOpen" one, because "luksOpen" gives an error when the entered passphrase
is wrong and no mapping is created. I think is necessary to fix or document this discrepancy to
avoid confusions. Example using an invalid image:

serge:/tmp# dd if=/dev/zero of=/tmp/test.img bs=1024k seek=1 count=0
0+0 records in
0+0 records out
0 bytes (0 B) copied, 1.76e-05 s, 0.0 kB/s
serge:/tmp# losetup /dev/loop2 test.img
serge:/tmp# losetup -a
/dev/loop2: [fe03]:2703637 (test.img)
serge:/tmp# ls /dev/mapper/
control
serge:/tmp# cryptsetup luksOpen /dev/loop2 testmap
Enter LUKS passphrase: <HERE I ENTER ANYTHING>
Command failed: No key available with this passphrase.

serge:/tmp# ls /dev/mapper/
control
serge:/tmp# cryptsetup create testmap /dev/loop2
Enter passphrase: <HERE I ENTER ANYTHING>
sh: /sbin/udevsettle: No such file or directory
serge:/tmp# ls /dev/mapper/
control  testmap
serge:/tmp#

(note, there is also another problem related with /sbin/udevsettle, 
but here I'm not reporting it)


-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages cryptsetup depends on:
ii  dmsetup                      2:1.02.30-3 The Linux Kernel Device Mapper use
ii  libc6                        2.9-4       GNU C Library: Shared libraries
ii  libdevmapper1.02.1           2:1.02.30-3 The Linux Kernel Device Mapper use
ii  libpopt0                     1.14-4      lib for parsing cmdline parameters
ii  libuuid1                     1.41.3-1    universally unique id library

cryptsetup recommends no packages.

Versions of packages cryptsetup suggests:
ii  dosfstools                    3.0.2-1    utilities for making and checking 
ii  initramfs-tools [linux-initra 0.93.2     tools for generating an initramfs
ii  udev                          0.141-1    /dev/ and hotplug management daemo

-- no debconf information

More information about the pkg-cryptsetup-devel mailing list