| Server IP : 172.67.216.182 / Your IP : 172.68.164.90 Web Server : Apache System : Linux krdc-ubuntu-s-2vcpu-4gb-amd-blr1-01.localdomain 5.15.0-142-generic #152-Ubuntu SMP Mon May 19 10:54:31 UTC 2025 x86_64 User : www ( 1000) PHP Version : 7.4.33 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /usr/lib/cryptsetup/scripts/ |
Upload File : |
#!/bin/sh
# WARNING: If you use the decrypt_derived keyscript for devices with
# persistent data (i.e. not swap or temp devices), then you will lose
# access to that data permanently if something damages the LUKS header
# of the LUKS device you derive from. The same applies if you luksFormat
# the device, even if you use the same passphrase(s). A LUKS header
# backup, or better a backup of the data on the derived device may be
# a good idea. See the Cryptsetup FAQ on how to do this right.
if [ -z "$1" ]; then
echo "$0: must be executed with a crypto device as argument" >&2
exit 1
fi
unset -v keys count
keys="$(dmsetup table --target crypt --showkeys -- "$1" 2>/dev/null | cut -s -d' ' -f5)"
count="$(printf '%s' "$keys" | wc -l)"
if [ -n "$keys" ] && [ $count -le 1 ]; then
if [ "${keys#:}" = "$keys" ]; then
printf '%s' "$keys"
exit 0
else
echo "$0: device $1 uses the kernel keyring" >&2
fi
elif [ $count -eq 0 ]; then
echo "$0: device $1 doesn't exist or isn't a crypto device" >&2
else
echo "$0: more than one device match" >&2
fi
exit 1