Discussion:
One liner for cryptsetup
(too old to reply)
Frederick Gotham
2020-09-11 00:19:18 UTC
Permalink
For the past few years, people have been doing tricks like creating named pipes in order to set the keys on LUKS partitions at the command line.

Let's say you create a new volume as follows:

echo -n pass0 | cryptsetup luksFormat /dev/sda2 -

So the password in keyslot #0 is "pass0".

Next, you want to set the password in keyslot #1 to "pass1", well I figured out how to do it with a one-liner:

echo -n "pass0pass1" | cryptsetup luksAddKey --key-file /dev/stdin --keyfile-size 5 --key-slot 1 /dev/sda2 /dev/stdin

Just make sure you set "--keyfile-size" correctly.
b***@nuttyella.co.uk
2020-09-11 08:06:11 UTC
Permalink
On Thu, 10 Sep 2020 17:19:18 -0700 (PDT)
Post by Frederick Gotham
For the past few years, people have been doing tricks like creating named
pipes in order to set the keys on LUKS partitions at the command line.
echo -n pass0 | cryptsetup luksFormat /dev/sda2 -
So the password in keyslot #0 is "pass0".
Next, you want to set the password in keyslot #1 to "pass1", well I figured
echo -n "pass0pass1" | cryptsetup luksAddKey --key-file /dev/stdin
--keyfile-size 5 --key-slot 1 /dev/sda2 /dev/stdin
Just make sure you set "--keyfile-size" correctly.
That looks like a very good way to render your system unbootable and
unrecoverable if you make a mistake.

Loading...