Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- it-wiki:linux:change_luks_disk_encryption_passphrase [2024/01/05 15:32] – angelegt marko
+++ it-wiki:linux:change_luks_disk_encryption_passphrase [2024/01/05 16:15] (aktuell) – marko
@@ Zeile 92: / Zeile 92: @@
 	Digest:     5b d0 10 56 e4 9a ff e1 eb 14 2a fb 4d 85 ba c3
 	            a7 75 fa fa 6c 24 cc 01 b0 9c 34 dd 48 98 1a d9
+</code>
+It seems I only have slot 0, but on many systems, you may see up to 8 slots numbered from 0 to 7. Therefore in step # 3, we will see how to determine your LUKS slot.
+==== Step 3 – Finding out LUKS slot assigned to you by Linux sysadmin or installer ====
+To determine which luks slot a passphrase is in on Linux, run:
+<code bash>
+# sudo cryptsetup --verbose open --test-passphrase /path/to/dev/
+# sudo cryptsetup --verbose open --test-passphrase /dev/sda3
+</code>
+The command will tell you the correct LUKS slot without any guesswork on your part:
+<code bash>
+Enter passphrase for /dev/sda3:
+Key slot 0 unlocked.
+Command successful.
+</code>
+Please note down slot number. In other words, we need to use slot number 0 for /dev/sda3.
+==== Step 4 – Changing LUKS disk encryption passphrase in Linux using the command-line ====
+So far, so good we obtained all information required for updating or changing or existing passphrase. Please note that a passphrase is similar to a password in usage but is commonly longer for security reasons. The syntax is:
+<code bash>
+# sudo cryptsetup luksChangeKey /dev/sda3 -S 0
+</code>
+First, enter the existing passphrase and press the ''[Enter]'' key. If the passphrase is correct, you are allowed to change it by entering it twice as follows:
+<code bash>
+Enter passphrase to be changed:
+Enter new passphrase:
+Verify passphrase:
+</code>
+==== Step 5 – Verify new passphrase ====
+Either reboot the Linux system or simulate a new passphrase on the CLI as follows:
+<code bash>
+# sudo cryptsetup --verbose open --test-passphrase /dev/sda3
 </code>