On 2023-08-21 10:05, Carlos E. R. wrote: ...
How can I check if the key file was actually added to the encrypted devices? I can do:
cryptsetup luksDump /dev/nvme0n1p2
but I do not know what each key is. Or at least the key size.
On /dev/nvme0n1p2 I see one key slot has
Key material offset: 8
and the second key has
Key material offset: 512
But /dev/nvme0n1p4 has only one key slot, so it is probably missing the key file. I'll add it again. [...] done.
And Swap has 3 keys, go figure. Maybe I goofed and added the key fille twice to the same partition.
Key material offset: 8 Key material offset: 512 Key material offset: 1016
Ah, I see. Not size, but an index, and offset in the array. Ah. So I should delete slot 3.
Ok, done.
Laicolasse:~/Telcontar/notas/crypto # cryptsetup luksKillSlot /dev/nvme0n1p3 2 Enter any remaining passphrase: Laicolasse:~/Telcontar/notas/crypto #
[...]
Booted, et voilá! It worked :-)
Somehow, restore from hibernation, aka suspend to disk, is not working. It silently boots instead, after I enter the decryption password on Grub prompt. Next step will be attempting it, and examine journal on next boot. I have not tried for a few days, so the log entry pertaining to the failure I don't know where it is. [...] I see this in the log of the next boot just when I hoped it would restore from hibernation: Aug 27 23:19:04 Laicolasse swapon[860]: swapon: /dev/mapper/cr-auto-2: software suspend data detected. Rewriting the swap signature. The kernel boot line at the start of the journal is: Aug 27 23:18:58 Laicolasse kernel: Command line: BOOT_IMAGE=/boot/vmlinuz-5.14.21-150500.55.19-default root=UUID=858cc569-e2ae-4d12-adf6-3a06ade8281c security=apparmor no_console_suspend splash=silent resume= preempt=full quiet mitigations=auto Laicolasse:~ # l /dev/mapper/cr-auto-2 lrwxrwxrwx 1 root root 7 Aug 28 13:57 /dev/mapper/cr-auto-2 -> ../dm-1 Laicolasse:~ # file -s /dev/mapper/cr-auto-2 /dev/mapper/cr-auto-2: symbolic link to ../dm-1 Laicolasse:~ # file -s /dev/mapper/cr-auto-2/ /dev/mapper/cr-auto-2/: cannot open `/dev/mapper/cr-auto-2/' (Not a directory) Laicolasse:~ # file -s /dev/mapper/cr-auto-2/ /dev/mapper/cr-auto-2/: cannot open `/dev/mapper/cr-auto-2/' (Not a directory) Laicolasse:~ # file -s /dev/dm-1 /dev/dm-1: Linux/i386 swap file (new style), version 1 (4K pages), size 10485247 pages, LABEL=Swap, UUID=55db7bff-8d71-4862-8e31-1c2a7fd52c9d Laicolasse:~ # l /dev/disk/by-label/Swap lrwxrwxrwx 1 root root 10 Aug 28 13:57 /dev/disk/by-label/Swap -> ../../dm-1 Laicolasse:~ # Ideas? -- Cheers / Saludos, Carlos E. R. (from openSUSE 15.5 (Laicolasse))