управлять обычными dm-crypt и зашифрованными томами LUKS (manage plain dm-crypt and LUKS encrypted volumes)
loop-AES EXTENSION
cryptsetup supports mapping loop-AES encrypted partition using a
compatibility mode.
open --type loopaes <device> <name> --key-file <keyfile>
loopaesOpen <device> <name> --key-file <keyfile> (old syntax)
Opens the loop-AES <device> and sets up a mapping <name>.
If the key file is encrypted with GnuPG, then you have to
use --key-file=- and decrypt it before use, e.g. like
this:
gpg --decrypt <keyfile> | cryptsetup loopaesOpen
--key-file=- <device> <name>
WARNING: The loop-AES extension cannot use the direct
input of key file on real terminal because the keys are
separated by end-of-line and only part of the multi-key
file would be read.
If you need it in script, just use the pipe redirection:
echo $keyfile | cryptsetup loopaesOpen --key-file=-
<device> <name>
Use --keyfile-size to specify the proper key length if
needed.
Use --offset to specify device offset. Note that the units
need to be specified in number of 512 byte sectors.
Use --skip to specify the IV offset. If the original
device used an offset and but did not use it in IV sector
calculations, you have to explicitly use --skip 0 in
addition to the offset parameter.
Use --hash to override the default hash function for
passphrase hashing (otherwise it is detected according to
key size).
<options> can be [--key-file, --key-size, --offset,
--skip, --hash, --readonly, --allow-discards, --refresh].
See also section 7 of the FAQ and http://loop-aes.sourceforge.net
for more information regarding loop-AES.
