other:encryption:lukspass
no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | other:encryption:lukspass [2020/02/28 00:57] (current) – created rodolico | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Change/Add LUKS Passphrase ====== | ||
+ | LUKS is used for Full Disk Encryption, among other things. Sometimes, after you have set this up, you find you need a second passphrase, or you need to replace an existing passphrase. One recent example for me was when I retasked a laptop with an encrypted file system for another employee. They really needed most of the stuff on there, and it was a recent install, so I did not want to rebuild from scratch. However, I did not want to give her my passphrase either. | ||
+ | |||
+ | Another scenario is when you want a user to have a passphrase, but you also want a separate passphrase that IT can use to get in if necessary. | ||
+ | |||
+ | Following assumes you have a disk set up with LUKS, and you want to add or change the passphrase for it. This is based on a Devuan system install, though it should work for any Linux based system. | ||
+ | |||
+ | ===== Change LUKS Passphrase ===== | ||
+ | |||
+ | The following assumes /dev/sda5 is the partition that is encrypted (discover in step 1) | ||
+ | |||
+ | - Find the partition you need to change< | ||
+ | - Determine which key slots are populated< | ||
+ | - Change the key (assumes above showed key 2 was the one to change)< | ||
+ | |||
+ | ===== Add a new LUKS Passphrase ===== | ||
+ | |||
+ | The following assumes /dev/sda5 is the partition that is encrypted (discover in step 1) | ||
+ | |||
+ | - Find the partition you need to change< | ||
+ | - Make sure you have an empty key slot< | ||
+ | - Add the key<code bash> | ||
+ | |||
+ | ===== Delete a LUKS key ===== | ||
+ | |||
+ | The following assumes /dev/sda5 is the partition that is encrypted (discover in step 1) | ||
+ | |||
+ | - Find the partition you need to change< | ||
+ | - Make sure you have an empty key slot< | ||
+ | - Delete key 2<code bash> | ||
+ | |||
+ | |||
+ | |||
+ | ===== Links ===== | ||
+ | * [[https:// | ||
+ | * [[https:// |
other/encryption/lukspass.txt · Last modified: 2020/02/28 00:57 by rodolico