29.5. Common Post-Installation Tasks

The following sections are about common post-installation tasks.

29.5.1. Set a randomly generated key as an additional way to access an encrypted block device

These sections are about generating keys and adding keys.

29.5.1.1. Generate a key

This will generate a 256-bit key in the file $HOME/keyfile.

		dd if=/dev/urandom of=$HOME/keyfile bs=32 count=1
		chmod 600 $HOME/keyfile

29.5.1.2. Add the key to an available keyslot on the encrypted device

cryptsetup luksAddKey <device> ~/keyfile

29.5.2. Add a new passphrase to an existing device

cryptsetup luksAddKey <device>

After being prompted for any one of the existing passphrases for authentication, you will be prompted to enter the new passphrase.

29.5.3. Remove a passphrase or key from a device

cryptsetup luksRemoveKey <device>

You will be prompted for the passphrase you wish to remove and then for any one of the remaining passphrases for authentication.

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.