Hello!
I just installed Kubuntu 21.10, and chose the encrypted LVM option during installation. It now asks me for the passphrase on boot, as expected.
However, I see something that scares me: cryptsetup luksDump reports TWO keys for the encrypted partition. I guess one of them is the passphrase I supplied, but what is the other one?
(I removed the salt from the output I pasted below. Not sure if that was necessary or not, I am not well versed on this.)
Code:
Ke*****s:
0: luks2
Key: 512 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: argon2i
Time cost: 4
Memory: 923333
Threads: 1
Salt:
AF stripes: 4000
AF hash: sha256
Area offset:32768 [bytes]
Area length:258048 [bytes]
Digest ID: 0
1: luks2
Key: 512 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: argon2i
Time cost: 4
Memory: 1015869
Threads: 1
Salt:
AF stripes: 4000
AF hash: sha256
Area offset:290816 [bytes]
Area length:258048 [bytes]
Digest ID: 0
Bookmarks