Man Linux: Main Page and Category List


       cryptsetup  -  setup cryptographic volumes for dm-crypt (including LUKS


       cryptsetup <options> <action> <action args>


       cryptsetup is used to conveniently setup dm-crypt managed device-mapper
       mappings.    For  basic  (plain)  dm-crypt  mappings,  there  are  four


       These strings are valid for <action>, followed by their <action args>:

       create <name> <device>

              creates a mapping with <name> backed by device <device>.

              <options> can be [--hash, --cipher, --verify-passphrase,  --key-
              file, --key-size, --offset, --skip, --readonly]

       remove <name>

              removes an existing mapping <name>.

       status <name>

              reports the status for the mapping <name>.

       resize <name>

              resizes an active mapping <name>.

              If  --size  (in  sectors)  is  not  specified,  the  size of the
              underlying block device is used.


       LUKS, Linux Unified Key Setup, is a standard for hard disk  encryption.
       It  standardizes  a partition header, as well as the format of the bulk
       data.  LUKS  can  manage  multiple  passwords,  that  can  be   revoked
       effectively  and  that  are  protected  against dictionary attacks with

       These are valid LUKS actions:

       luksFormat <device> [<key file>]

              initializes a LUKS partition and sets the  initial  key,  either
              via prompting or via <key file>.

              <options>  can  be  [--cipher,  --verify-passphrase, --key-size,
              --key-slot, --key-file (takes precedence  over  optional  second

       luksOpen <device> <name>

              opens  the  LUKS partition <device> and sets up a mapping <name>
              after successful  verification  of  the  supplied  key  material
              (either via key file by --key-file, or via prompting).

              <options> can be [--key-file, --readonly].

       luksClose <name>

              identical to remove.

       luksSuspend <name>

              suspends  active device (all IO operations are frozen) and wipes
              encryption key from kernel. Kernel version 2.6.19  or  later  is

              After  that  operation  you  have to use luksResume to reinstate
              encryption key (and resume device) or luksClose to remove mapped

              WARNING:  never  try  to  suspend device where is the cryptsetup
              binary itself.

       luksResume <name>

              Resumes suspended device and reinstates encryption key. You will
              need  provide  passphrase  identical  to luksOpen command (using
              prompting or key file).

              <options> can be [--key-file]

       luksAddKey <device> [<new key file>]

              add a new key file/passphrase. An  existing  passphrase  or  key
              file  (via  --key-file) must be supplied.  The key file with the
              new material is supplied as a positional argument.

              <options> can be [--key-file, --key-slot].

       luksRemoveKey <device> [<key file>]

              remove supplied key or key file from LUKS device

       luksKillSlot <device> <key slot number>

              wipe key with number <key slot> from LUKS  device.  A  remaining
              passphrase or key file (via --key-file) must be supplied.

              <options> can be [--key-file].

       luksDelKey <device> <key slot number>

              identical to luksKillSlot, but deprecated action name.

       luksUUID <device>

              print UUID, if <device> has a LUKS header.

       isLuks <device>

              returns true, if <device> is a LUKS partition. Otherwise, false.

       luksDump <device>

              dumps the header information of a LUKS partition.

       luksHeaderBackup <device> --header-backup-file <file>

              Stores binary backup of LUKS header and keyslot areas.

              WARNING: Please  note  that  with  this  backup  file  (and  old
              passphrase   knowledge)   you  can  decrypt  data  even  if  old
              passphrase was wiped from real device.

              Also  note  that  anti-forensic  splitter  is  not  used  during
              manipulation with backup file.

       luksHeaderRestore <device> --header-backup-file <file>

              Restores  binary  backup  of  LUKS header and keyslot areas from
              specified file.

              WARNING: All the keyslot  areas  are  overwritten,  only  active
              keyslots  form  backup  file  are  available  after issuing this

              This command allows restoring header if device  do  not  contain
              LUKS  header  or  if the master key size and data offset in LUKS
              header on device match the backup file.

       For        more        information        about        LUKS,        see


       --verbose, -v
              Print more verbose messages.

              Run in debug mode with full diagnostic logs.

       --hash, -h
              For create action specifies hash to use for password hashing.

              For  luksFormat  action  specifies  hash  used in LUKS key setup
              scheme and volume key digest.

              WARNING:  setting  hash  other  than  sha1  causes  LUKS  device
              incompatible with older version of cryptsetup.

              The  hash  string is passed to libgcrypt, so all hashes accepted
              by gcrypt are supported.  Default  is  set  during  compilation,
              compatible values with old version of cryptsetup are "ripemd160"
              for create action and "sha1" for luksFormat.

              Use cryptsetup --help to show defaults.

       --cipher, -c
              set cipher specification string.

              Default mode is configurable during  compilation,  you  can  see
              compiled-in  default  using  cryptsetup --help.  If not changed,
              the default is for plain dm-crypt and  LUKS  mappings  "aes-cbc-

              For pre-2.6.10 kernels, use "aes-plain" as they don’t understand
              the new  cipher  spec  strings.  To  use  ESSIV,  use  "aes-cbc-

              For  XTS mode, kernel version 2.6.24 or more recent is required.
              Use "aes-xts-plain" cipher specification and set key size to 256
              (or 512) bits (see -s option).

       --verify-passphrase, -y
              query  for  passwords  twice.  Useful  when creating a (regular)
              mapping for the first time, or when running luksFormat.

       --key-file, -d
              use file as key material.

              With LUKS, key material supplied in key files via -d are  always
              used for existing passphrases, except in luksFormat action where
              -d is equivalent to positional key file argument.  If  you  want
              to  set  a  new key via a key file, you have to use a positional
              arg to luksAddKey.

              If the key file is "-", stdin will be used.  With  the  "-"  key
              file  reading will not stop when new line character is detected.
              See section NOTES ON PASSWORD PROCESSING for more information.

              Use pre-generated master key stored in file. For  luksFormat  it
              allows LUKS header reformatting with the same master key (if all
              other parameters are the same existing  encrypted  data  remains

              For  luksAddKey it allows adding new passphrase with only master
              key knowledge.

       --key-slot, -S
              For LUKS operations that add key material, this  options  allows
              to  you specify which key slot is selected for the new key. This
              option can be used for luksFormat and luksAddKey.

       --key-size, -s
              set key size in bits.

              Has to be a multiple of 8 bits. The key size is limited  by  the
              used  cipher.  See  output of /proc/crypto for more information.
              Can be used for create or luksFormat,  all  other  LUKS  actions
              will  use key-size specified by the LUKS header.  Default is set
              during compilation, if not changed it is 256 bits.

              Use cryptsetup --help to show defaults.

              For luksOpen this option specifies number of bits read from  the
              key-file (default is exhaustive read from key-file).

       --size, -b
              force the size of the underlying device in sectors.  This option
              is only relevant for create and resize action.

       --offset, -o
              start offset  in  the  backend  device.   This  option  is  only
              relevant for create action.

       --skip, -p
              how many sectors of the encrypted data to skip at the beginning.
              This is different from the --offset options with respect  to  IV
              calculations.  Using  --offset  will shift the IV calculation by
              the same negative amount. Hence, if --offset n, sector n will be
              the  first  sector  on the mapping with IV 0. Using --skip would
              have resulted in sector n being the first sector also, but  with
              IV n.  This option is only relevant for create action.

              set up a read-only mapping.

       --iter-time, -i
              The  number  of  milliseconds  to  spend  with  PBKDF2  password
              processing. This option is only relevant to the LUKS  operations
              as luksFormat or luksAddKey.

       --batch-mode, -q
              Do  not ask for confirmation. Use with care! This option is only
              relevant   for   luksFormat,   luksAddKey,   luksRemoveKey    or

       --timeout, -t
              The  number  of  seconds  to wait before timeout. This option is
              relevant every time a password is asked, like create,  luksOpen,
              luksFormat   or   luksAddKey.  It  has  no  effect  if  used  in
              conjunction with --key-file.

       --tries, -T
              How often the input of the passphrase  shall  be  retried.  This
              option  is relevant every time a password is asked, like create,
              luksOpen, luksFormat or luksAddKey. The default is 3 tries.

              Align payload at a boundary  of  value  512-byte  sectors.  This
              option  is  relevant for luksFormat.  If your block device lives
              on a RAID, it is useful to align the filesystem at  full  stripe
              boundaries so it can take advantage of the RAID’s geometry.  See
              for instance the sunit and swidth options in the mkfs.xfs manual
              page.  By  default,  the payload is aligned at an 8 sector (4096
              byte) boundary.

              Show the version.


       From a terminal: Password processing is new-line sensitive, meaning the
       reading  will  stop  after  encountering  \n.  It will process the read
       material (without newline) with the default hash or the hash  given  by
       --hash.  After hashing, it will be cropped to the key size given by -s.

       From stdin: Reading will continue until EOF (so using e.g.  /dev/random
       as stdin will not work), with the trailing newline stripped. After that
       the read data will be hashed with the default hash or the hash given by
       --hash  and  the  result will be cropped to the keysize given by -s. If
       "plain" is used as an argument to the hash option, the input data  will
       not  be  hashed.   Instead, it will be zero padded (if shorter than the
       keysize) or truncated (if longer than the keysize) and used directly as
       the key. No warning will be given if the amount of data read from stdin
       is less than the keysize.

       From a key file: It will be cropped to the size given by -s.  If  there
       is insufficient key material in the key file, cryptsetup will quit with
       an error.

       If --key-file=- is used for reading the key  from  stdin,  no  trailing
       newline  is  stripped  from  the input. Without that option, cryptsetup
       strips trailing newlines from stdin input.


       LUKS uses PBKDF2 to protect against dictionary attacks (see RFC  2898).

       LUKS will always do an exhaustive password reading. Hence, password can
       not be read from /dev/random, /dev/zero or any other stream  that  does
       not terminate.

       For  any password creation action (luksAddKey, or luksFormat), the user
       may specify how much the time the password processing  should  consume.
       Increasing  the time will lead to a more secure password, but also will
       take luksOpen longer to complete. The default setting of one second  is
       sufficient for good security.


       LUKS  checks for a valid password or key when an encrypted partition is
       unlocked. Thus the luksOpen action fails with invalid password or  key,
       contrary to the plain dm-crypt create action.

       Please  also  be sure that you are using the same keyboard and language
       setting as during device format.


       The available combinations of ciphers,  modes,  hashes  and  key  sizes
       depend  on  kernel  support.  See  /proc/crypto for a list of available
       options. You might need to load additional  kernel  crypto  modules  in
       order to get more options.

       For  --hash  option  all  algorithms  supported  by  gcrypt library are


       Mathematics can’t be bribed. Make sure you keep  your  passwords  safe.
       There  are a few nice tricks for constructing a fallback, when suddenly
       out of (or after being) blue, your brain refuses  to  cooperate.  These
       fallbacks  are  possible  with LUKS, as it’s only possible with LUKS to
       have multiple passwords.


       cryptsetup is written by Christophe Saout <>
       LUKS    extensions,    and    man    page    by    Clemens    Fruhwirth


       To  read  images  created with SuSE Linux 9.2’s loop_fish2 use --cipher
       twofish-cbc-null -s 256 -h sha512, for images created with  even  older
       SuSE Linux use --cipher twofish-cbc-null -s 192 -h ripemd160:20


       reload <name> <device>

              modifies  an  active mapping <name>. Same options as for create.
              WARNING: Do not use this for LUKS devices, as the semantics  are
              identical  to  the create action, which are totally incompatible
              with the LUKS key setup.

              This action is deprected because it proved to be rarely  useful.
              It  is  uncommon to change the underlying device, key, or offset
              on the fly. In case, you really want to do this,  you  certainly
              know  what  you  are  doing and then you are probably better off
              with the swiss knive tool for device mapper, namely dmsetup.  It
              provides you with the same functionality, see dmsetup reload.

       luksDelKey <device> <key slot number>

              identical  to  luksKillSlot,  but  deprecated  action name. This
              option was renamed, as we  introduced  luksRemoveKey,  a  softer
              method for disabling password slots. To make a clear distinction
              that luksDelKey was more brutal than luksRemoveKey


              This option is ignored. Non-exclusive access to the  same  block
              device  can  cause  data  corruption thus this mode is no longer
              supported by cryptsetup.


       Report bugs to <> or Issues section on  LUKS  website.
       Please attach output of failed command with added --debug option.


       Copyright © 2004 Christophe Saout
       Copyright © 2004-2006 Clemens Fruhwirth
       Copyright © 2009-2010 Red Hat, Inc.

       This is free software; see the source for copying conditions.  There is
       NO warranty; not even for MERCHANTABILITY or FITNESS FOR  A  PARTICULAR


       dm-crypt website,

       LUKS website,

       dm-crypt TWiki,