1 |
Am 18.05.2010 15:05, schrieb Jan Engelhardt: |
2 |
> |
3 |
> On Monday 2010-05-17 11:14, Stefan G. Weichinger wrote: |
4 |
>> Am 16.05.2010 14:36, schrieb Jan Engelhardt: |
5 |
>>> [Replying to |
6 |
>>> http://thread.gmane.org/gmane.linux.gentoo.user/229533/focus=229542 |
7 |
>>> ] |
8 |
>>> |
9 |
>>> Second, it's using echo without the -n parameter, thus implicitly |
10 |
>>> inserting a newline into the key -- which is the cause for yoru |
11 |
>>> observed mounting problems. |
12 |
>>> |
13 |
>>> Third, because you are passing the key via stdin into cryptsetup, it |
14 |
>>> only uses the first line of whatever you pipe into it; whereas |
15 |
>>> pam_mount uses the entire keyfile as it is supposed to be. |
16 |
>>> [...] |
17 |
>> Jan, thanks for your suggestions. |
18 |
>> |
19 |
>> I created a new LUKS-volume and tried to avoid all the mentioned |
20 |
>> pitfalls (I used "echo -n", avoided stdin etc.), but this didn't help here. |
21 |
> |
22 |
> To be sure, use |
23 |
> |
24 |
> openssl -d ... | hexdump -C |
25 |
> |
26 |
> to detect newlines in the key. The shell has far too many occasions |
27 |
> where \n gets stripped or added. |
28 |
|
29 |
Thanks for the hint. |
30 |
|
31 |
Could you please show me an example how it should look like and what to |
32 |
look for? |
33 |
|
34 |
I get several lines of output, that seems bad ... ? |
35 |
|
36 |
Maybe I didn't get all the steps right, could be. |
37 |
|
38 |
Do you know any howto where it is done "the right way"? |
39 |
|
40 |
Thanks, Stefan |