[aklug] Re: Encryption with cryptsetup and luksformat

From: Ryan <carbonfreeze@gmail.com>
Date: Fri Jan 09 2009 - 23:41:06 AKST

On Fri, 9 Jan 2009 15:48:02 -0900 (AKST)
Arthur Corliss <acorliss@nevaeh-linux.org> wrote:

> On Fri, 9 Jan 2009, Damien Hull wrote:
>
> > I've got an old external USB drive that I hand encrypted with
> > luksformat a few years back. It was done before there were any GUI
> > tools. I plugged it into my Ubuntu 8.10 workstation today.
> >
> > 1. Dialog box popped up and asked for a password
> > 2. Error message saying cryptsetup was missing
> > 3. Added crypt setup
> > 4. No luck with the pass phrases I tried - couldn't remember
> > 5. Gave the CLI a try
> > 6. GOT IT!
> >
> > The drive now has new data on it. It's sitting inside a safe
> > deposit box at the bank. With all the trouble I went through
> > getting access I'm a little concerned. Is there a chance luksformat
> > will change and cut off access to my encrypted drive?
>
> I wouldn't worry about it too much. LUKS isn't really a format, it
> just creates a special header for the partition with the cipher, key
> size, and the encrypted master key lives. You can always extract
> that via dd and manually decrypt the filesystem information to an
> image and mount it via a loopback mount.
>
> I wouldn't sweat it, it's easy enough to maintain by the community
> that I expect it'll be around a long time.
>
> --Arthur Corliss
> Live Free or Die
> ---------

Atleast LUKS is usable across platforms, the old loop dev encryption
wasn't even readable across different versions of the library. LUKS can
even be opened on Win32.
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Fri Jan 9 23:41:30 2009

This archive was generated by hypermail 2.1.8 : Fri Jan 09 2009 - 23:41:30 AKST