luksAddKey: confusing prompts

Bug #1210617 reported by Jedna Dvatři
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cryptsetup (Ubuntu)
New
Undecided
Unassigned

Bug Description

To reproduce:
1. Attempt to add a new key by invoking "cryptsetup -y luksAddKey [encrypted_dev_file]".
2. See the "Enter any passphrase:" prompt appear, followed by "Verify passphrase:".

Expected behavior:
User twice enters her desired new passphrase, which is assigned to a key slot.

Actual behavior:
Failure with message, "No key available with this passphrase." (In fact, the prompt wants an existing passphrase at this stage.)

Suggested fix:
1. The prompt should be changed to something clearer, like "Enter any existing passphrase:".
2. The second, "Verify passphrase:" prompt at this stage should be eliminated. Verification seems useless in entering an existing password. It reenforces the user's mistaken assumption that a new password is what's expected. It seems to contradict the cryptsetup man page on the '-y' option, which states, "[A mismatch is a]dvised when creating a regular mapping for the first time, or when running luksFormat." We are doing neither of those things when we are entering an existing password.

References:
http://ubuntuforums.org/showthread.php?t=1566538
http://www.saout.de/pipermail/dm-crypt/2010-September/001177.html

description: updated
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.