Monthly Archives: January 2015

cryptsetup-1.6.6 breaks my crypto! BLARGH!

I updated my NAS server today, which runs on Debian Jessie (testing). After upgrading to cryptsetup-1.6.6, I noticed that my main share didn’t mount anymore. I investigated, and a very odd thing happened while entering the passphrase: cryptsetup took *any* key I entered!

Well, that’s not entirely true. Usually, cryptsetup asks multiple times if the key is wrong, but in my case, it silently dropped me back to my shell without any information.  Running cryptsetup with –verbose revealed that there was:

My heart stopped for a second, because I thought: SHIT, there’s something wrong with the physical disk! Of course, everything was okay – cryptsetup-1.6.6 has a bug which obviously has problems decrypting at least one cipher I use. That particular version of cryptsetup actually did decrypt my other crypto.

Here’s the luksDump info of the drive cryptsetup-1.6.6 couldn’t open:

To downgrade to a more stable version of cryptsetup, I added the stable repo:

Then I pinned the versions of cryptsetup, cryptsetup-bin and libcryptsetup4 to their stable versions:

After running apt-get update, the system should downgrade to cryptsetup-1.4.4. In my case, luksOpen did work again. WHEW!