Project

General

Profile

Bug #38166

open plain cryptsetup devices

Added by Alfredo Deza about 5 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
% Done:

0%

Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

if ceph-volume needs to open a plain cryptsetup volume the key is read and base64 decoded from the ceph key-value store.
The key will be transmit to cryptsetup via cryptsetup --key-file - ... (read from stdin)
though cryptsetup hashes the key read from stdin with some hash algorithm.
Now If I try to import old keys from /etc/ceph/dmcrypt-keys/ to the key-value store and handle the disks via ceph-volume instead of ceph-disk it is impossible to open the crypt volumes.

This patch fix this problem by adding --hash plain as option to cryptsetup. This should restore the old behavior used in ceph-disk

Also available in: Atom PDF