luksAddKey: confusing prompts
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cryptsetup (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
To reproduce:
1. Attempt to add a new key by invoking "cryptsetup -y luksAddKey [encrypted_
2. See the "Enter any passphrase:" prompt appear, followed by "Verify passphrase:".
Expected behavior:
User twice enters her desired new passphrase, which is assigned to a key slot.
Actual behavior:
Failure with message, "No key available with this passphrase." (In fact, the prompt wants an existing passphrase at this stage.)
Suggested fix:
1. The prompt should be changed to something clearer, like "Enter any existing passphrase:".
2. The second, "Verify passphrase:" prompt at this stage should be eliminated. Verification seems useless in entering an existing password. It reenforces the user's mistaken assumption that a new password is what's expected. It seems to contradict the cryptsetup man page on the '-y' option, which states, "[A mismatch is a]dvised when creating a regular mapping for the first time, or when running luksFormat." We are doing neither of those things when we are entering an existing password.
References:
http://
http://
description: | updated |