wiki:mf-audit-crypt-disks

Version 1 (modified by Ross, 7 years ago) (diff)

--

mf-audit-crypt-disks

Synopsis

This command ensures we have the encrypted disk passphrase. This command only gets used on encrypted disks.

Description

It creates a new passphrase for the encrypted disk after checking for encrypted disk. For every disk it finds is a prompt to create a new passphrase. Once it checks for the default passphrase from the user, it creates a new passphrase, which it will ultimately delete. The user is asked for a passphrase four times in order to verify both new password creation and deletion of the newly created passphrase. If everything goes correctly, you should be able to enter the same passphrase four times. If you discover that you do not have the passphrase. Contact another support member who does. In this case DO NOT REBOOT THE SERVER!

Examples

0 florence:~# mf-audit-crypt-disks 
md1_crypt /dev/md1 none luks
crypt-audit: Testing key slot availability for '/dev/md1'
crypt-audit: Testing passphrase for '/dev/md1'
Enter any passphrase: 
Key slot 0 unlocked.
Enter new passphrase for key slot: 
Verify passphrase: 
Command successful.
crypt-audit: Passphrase correct, removing slot
Enter any remaining LUKS passphrase: 
Key slot 0 unlocked.
Key slot 0 verified.
Command successful.
crypt-audit: Success
0 florence:~# 

See Also