this post was submitted on 01 Jun 2024
15 points (100.0% liked)

Linux Questions

1149 readers
8 users here now

Linux questions Rules (in addition of the Lemmy.zip rules)

Tips for giving and receiving help

Any rule violations will result in disciplinary actions

founded 1 year ago
MODERATORS
 

I tried the following

sudo cryptsetup luksChangekey /dev/nvme0n1p3 < new passphrase > 

It then asks for the Sudo password, then asks for the old passphrase, but then it prints this error message

Failed to open key file.

what went wrong ?

Edit: turns out using GNOME Disks is way more straightforward.. ๐Ÿ˜…, thank you all

top 11 comments
sorted by: hot top controversial new old
[โ€“] [email protected] 5 points 5 months ago

Refer to the cryptsetup-luksChangeKey man page --key-file options, you cannot change the password directly on a commandline; you either (a) type it interactively, (b) put it in a keyfile, or (c) accept input from STDIN with the standard use of - on the end (e.g. echo "mypass" | cryptsetup luksChangeKey /dev/sda - )

[โ€“] [email protected] 4 points 5 months ago

The correct syntax is cryptsetup luksChangeKey <device> <key file>. So what you tried is opening a file that is named like your new passphrase. Such a file of course (hopefully) doesn't exist.

Just omit the last parameter, i.e. sudo cryptsetup luksChangekey /dev/nvme0n1p3 and enter the new password when it asks you to.

[โ€“] [email protected] 2 points 5 months ago (1 children)

What is the output if you run sudo cryptsetup --verbose open --test-passphrase /dev/nvme0n1p3?

[โ€“] [email protected] 2 points 5 months ago (1 children)

It asks for the sudo password, then it prints

No usable token is available.

Then it asks : Enter passphrase for /dev/nvme0n1p3:

After entering my old passphrase it prints:

Key slot 0 unlocked
Command Successful.
[โ€“] [email protected] 2 points 5 months ago (1 children)

Alright so no permission issue, what if you run the changekey command in a separate bash subprocess? sudo bash -c '($your-changekey-command-here)'

[โ€“] [email protected] 2 points 5 months ago

Is it like the same first "cryptsetup luksChangekey..." But inside parentheses ? Im sure I'm getting the syntax wrong.. It prints

bash: line 1: -luksChangekey: command not found
[โ€“] [email protected] 2 points 5 months ago (1 children)

Have you tried using GNOME Disk Utility?

[โ€“] [email protected] 1 points 5 months ago (2 children)

I have it installed, but I don't see the option ๐Ÿคทโ€โ™‚๏ธ

[โ€“] [email protected] 2 points 5 months ago

Try clicking on the encrypted partition to get the passphrase option.

https://askubuntu.com/questions/95137/how-to-change-luks-passphrase

[โ€“] [email protected] 1 points 5 months ago (1 children)
[โ€“] [email protected] 2 points 5 months ago

OMG, thank youu.. It worked.. ๐Ÿฅณ