Protecting Data with Encrypted Linux Partitions Part 2 - page 2
Adding Your Own Back Door
With these commands it doesn't matter if your cryptsetup-luks
device is open or closed.
What if you can't remember if a partition is a cryptsetup-luks
partition?
# cryptsetup isLuks /dev/sda1 /dev/sda1 is not a LUKS partition
If it is a LUKS partition, it will exit silently. Yes, a positive confirmation would be nice, but that's the way it is.
You can see the entire LUKS header with this command:
# cryptsetup luksDump /dev/sda2 LUKS header information for /dev/sda2 Version: 1 Cipher name: aes Cipher mode: cbc-plain Hash spec: sha1 Payload offset: 1032 MK bits: 128 MK digest: 40 cc 8c ff b4 0d f2 ... MK salt: 5e 8f 35 dd 4d 1a 8c ... cb 70 da a7 b8 06 11 ... MK iterations: 10 UUID: 1c390791-bd8a-4655-b722-6d0bcbbdf547 Key Slot 0: ENABLED Iterations: 168940 Salt: 88 e9 98 ... 65 5f c9 ... Key material offset: 8 AF stripes: 4000 Key Slot 1: ENABLED Iterations: 166133 Salt: b7 77 84 ... 66 91 93 ... Key material offset: 136 AF stripes: 4000 Key Slot 2: ENABLED Iterations: 166970 Salt: cf 5c 82 ... d9 9b c5 ... Key material offset: 264 AF stripes: 4000 Key Slot 3: DISABLED Key Slot 4: DISABLED Key Slot 5: DISABLED Key Slot 6: DISABLED Key Slot 7: DISABLED
This shows that there are three passwords set, the device UUID, the type of encryption used, and other details.
- Skip Ahead
- 1. Adding Your Own Back Door
- 2. Adding Your Own Back Door
- 3. Adding Your Own Back Door
- 4. Adding Your Own Back Door
- 5. Adding Your Own Back Door
- 6. Adding Your Own Back Door