On 05/05/2010 10:23 PM, Stefan G. Weichinger wrote: > Am 05.05.2010 22:17, schrieb Stefan G. Weichinger: > >> Remember that I said: "I am not sure which HOWTO I followed" ? >> >> What if I didn't use aes-256-ecb? You don't need to supplay that information to cryptsetup, it can (should) autodetect it. To see that info for yourself run: $ cryptsetup luksDump /dev/mapper/VG01-crypthome
> Yep. See pam_mount.conf.xml: > It's "aes-256-cbc" in my case. > > I was now able to luksOpen and I have the decrypted device mounted. Hooray :) > Nice. > > So: > > the user-pw didn't change and the keyfile is OK. > > So why is pam_mount unable to mount it? > > I will now pull another backup and check/add fallback keys ;-) There are interesting options in the cryptsetup-man page: luksHeaderBackup and luksHeaderRestore... I think I'll add that to my backup scripts :) Bye, Daniel -- PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887&op=get # gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887
signature.asc
Description: OpenPGP digital signature
