[pkg-cryptsetup-devel] try same password on multiple disks

Ross Boylan RossBoylan at stanfordalumni.org
Wed Feb 18 05:48:28 UTC 2009


Is there a way to get the system to retry the previous pass-phrase if
there are multiple encrypted partitions?  I set up a system with several
encrypted partitions, using the same pass-phrase for each, in the hopes
this would just work.  It didn't; I had to enter the phrase separately
for each disk.

I set up using the Lenny installer; I think this means cryptsetup is
being used underneath.

It looks as if the do_luks function in cryptdisks.functions in the
cryptsetup source might be the place to tweak.

Can anyone tell me if I'm on the right track, or offer any pointers?
Are there security implications of saving the previous response in a
variable?  (I have encrypted swap).

The whole crypto/luks setup is a bit obscure to me, though I've been
reading the docs :)  First, I'm not exactly sure what LUKS is (it seems
to be a spec, but there's obviously some software implemented), and I'm
not sure exactly how and when the need for a password gets communicated,
passed to the user, and then passed back to decrypt the disk.

Thanks.
Ross Boylan

P.S. I've suppressed some details of my setup.  In case they matter:
2 identical hard disks, each with 3 identical partitions.  The first
partitions are combined with software RAID 1 and make up unencrypted
boot (md0).  The 2nd partitions are for encrypted swap.  The 3rd
partitions make up RAID1 md1, which supports an LVM volume group.  The
VG has several logical volumes, some of which are encrypted and some of
which aren't.  My thought was that it would be faster not to encrypt
everything at run-time.




