[dm-devel] my encryption
jon707 at kollegiegaarden.dk
jon707 at kollegiegaarden.dk
Tue Oct 14 06:37:02 UTC 2003
On Mon, Oct 13, 2003 at 01:23:44PM +0100, Joe Thornber wrote:
> On Mon, Oct 13, 2003 at 02:12:13PM +0200, jon at kollegiegaarden.dk wrote:
> > On Mon, Oct 13, 2003 at 01:04:20PM +0100, Joe Thornber wrote:
[cut]
> > What usualy is done is that the passphrase is used as a key to encrypt
> > another key, which is stored encrypted at the disk. Then this other
> > key is used to encrypt the data with. Thus when changing the passphrase
> > all you do is reencrypting the key. This is almost done atomicaly.
>
> You can still do this with the current target, the encrypted key would
> be stored in the LVM metadata, and passed into the target when the LV
> is activated with the passphrase.
true, but suppose that some people want to use device mapper without
LVM for some particular reason ?
JonB
More information about the dm-devel
mailing list