RHEL-108114: Multiple LUKS keyslots not preserved


    • Type: Bug
    • Resolution: Unresolved
    • Priority: Undefined
    • Versions: rhel-9.8; rhel-10.1, rhel-9.7
    • Component: rear
    • Severity: Moderate
    • rhel-jotnar

      Even after RHEL-83779, LUKS support for multiple keyslots is quite basic. If multiple keyslots are in use, only one is preserved, and moreover its properties are not preserved. When the disk layout is being saved, ReaR prints "Warning: More than one luks2 keyslot found in 'cryptsetup luksDump /dev/vda3' output, will only consider the first keyslot during recovery". After recovery, the LUKS device looks like this:

      cryptsetup luksDump /dev/vda3
      LUKS header information
      Version:       	2
      Epoch:         	5
      Metadata area: 	16384 [bytes]
      Keyslots area: 	16744448 [bytes]
      UUID:          	eef0808e-5f62-4560-a996-a5df9b7b9839
      Label:         	(no label)
      Subsystem:     	(no subsystem)
      Flags:       	(no flags)
      
      Data segments:
        0: crypt
      	offset: 16777216 [bytes]
      	length: (whole device)
      	cipher: aes-xts-plain64
      	sector: 512 [bytes]
      
      Keyslots:
        1: luks2
      	Key:        512 bits
      	Priority:   normal
      	Cipher:     aes-xts-plain64
      	Cipher key: 512 bits
      	PBKDF:      argon2id
      	Time cost:  5
      	Memory:     666144
      	Threads:    2
      	Salt:       d8 74 62 01 9a c6 d7 60 32 a5 8c cd 35 79 da 8a 
      	            89 89 b0 7a 55 ae 8d 4b df 20 6a 78 de 66 63 5f 
      	AF stripes: 4000
      	AF hash:    sha256
      	Area offset:290816 [bytes]
      	Area length:258048 [bytes]
      	Digest ID:  0
      Tokens:
      Digests:
        0: pbkdf2
      	Hash:       sha256
      	Iterations: 109409
      	Salt:       c4 3d 6c 24 05 6e d2 a7 16 15 d6 0c f6 0a 94 d6 
      	            9e 9b dc cc aa e2 9e 7a 47 42 e1 4d 1a 2c ec 9c 
      	Digest:     94 b3 9a 9d 88 27 29 14 54 73 6d 86 08 5d 75 22 
      	            a1 fc 0b c3 21 d5 58 b7 2b 00 3f 0d 18 b2 c3 d4 
      

      while in the original system it looked like:

      cryptsetup luksDump /dev/vda3
      LUKS header information
      Version:       	2
      Epoch:         	5
      Metadata area: 	16384 [bytes]
      Keyslots area: 	16744448 [bytes]
      UUID:          	eef0808e-5f62-4560-a996-a5df9b7b9839
      Label:         	(no label)
      Subsystem:     	(no subsystem)
      Flags:       	allow-discards 
      
      Data segments:
        0: crypt
      	offset: 16777216 [bytes]
      	length: (whole device)
      	cipher: aes-xts-plain64
      	sector: 512 [bytes]
      
      Keyslots:
        0: luks2
      	Key:        512 bits
      	Priority:   normal
      	Cipher:     aes-xts-plain64
      	Cipher key: 512 bits
      	PBKDF:      argon2id
      	Time cost:  4
      	Memory:     480117
      	Threads:    2
      	Salt:       97 5d cb b4 2c 92 15 c4 4b 67 e6 70 1c e5 f6 d1 
      	            c1 03 14 1e f9 b1 c0 b5 f6 30 61 2b 0a 64 73 84 
      	AF stripes: 4000
      	AF hash:    sha256
      	Area offset:32768 [bytes]
      	Area length:258048 [bytes]
      	Digest ID:  0
        1: luks2
      	Key:        512 bits
      	Priority:   normal
      	Cipher:     aes-xts-plain64
      	Cipher key: 512 bits
      	PBKDF:      pbkdf2
      	Hash:       sha256
      	Iterations: 1558062
      	Salt:       c9 ce 68 c8 fc 17 71 7a 9f d6 e5 c4 0a 3a 24 29 
      	            3c b0 8b 43 31 d2 9f 90 a8 d6 2a 2e ec 37 c3 a7 
      	AF stripes: 4000
      	AF hash:    sha256
      	Area offset:290816 [bytes]
      	Area length:258048 [bytes]
      	Digest ID:  0
      Tokens:
      Digests:
        0: pbkdf2
      	Hash:       sha256
      	Iterations: 100207
      	Salt:       03 c2 fa 5b 95 a1 2b 04 7f ba a8 cd d2 cc d8 fa 
      	            bc 5e 23 9c 44 3f 74 a4 91 4b e8 91 c6 28 2e 60 
      	Digest:     77 93 6c e5 c9 ed d1 ec 00 45 0e 74 c4 aa b4 5d 
      	            08 1b 61 61 f3 82 fc 13 86 e9 53 d9 98 79 b3 92 
      

      Note also that keyslot 1 used to use PBKDF: pbkdf2, but after recovery it has PBKDF: argon2id.

      disklayout.conf (on a different system) looks like:

      crypt /dev/mapper/luks-639d20b4-f627-4665-912a-144a16cdcf04 /dev/vda3 type=luks2 cipher=aes-xts-plain64 key_size=512 hash=sha256 uuid=639d20b4-f627-4665-912a-144a16cdcf04 keyfile=/etc/luks-keys/root.key pbkdf=argon2id
      

      Note that the keyfile is valid for slot 1 (the system was installed this way), but the pbkdf is for slot 0.
      One might say that ReaR has no way to determine which key file belongs to which keyslot (/etc/crypttab looks like

      luks-639d20b4-f627-4665-912a-144a16cdcf04 UUID=639d20b4-f627-4665-912a-144a16cdcf04 /etc/luks-keys/root.key luks
      

      ), but even if I add key-slot=1, it has no effect.
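The check a practitioner wants after a ReaR recovery of a LUKS2 volume is whether every keyslot, its PBKDF and the header flags survived, which is exactly what the two dumps above show being lost. The script below is an added example, not ReaR code and not from the issue's author: it parses `cryptsetup luksDump` output into per-keyslot records and diffs an original header against the recovered one. The two embedded dumps are the ones quoted above for /dev/vda3, trimmed to the fields the check uses and re-indented with spaces; the function names `parse_luks_dump` and `compare_dumps` and the list of compared properties are choices made here.

```python
"""Parse `cryptsetup luksDump` output and diff an original LUKS2 header against
the recovered one (added example, not ReaR code).  The two dumps are the ones
quoted in the issue for /dev/vda3, trimmed and re-indented with spaces; the
parser expands tabs, so real `cryptsetup luksDump` output parses the same way."""

ORIGINAL_DUMP = """\
LUKS header information
Version:        2
UUID:           eef0808e-5f62-4560-a996-a5df9b7b9839
Flags:          allow-discards

Keyslots:
  0: luks2
        Key:        512 bits
        Cipher:     aes-xts-plain64
        PBKDF:      argon2id
        Area offset:32768 [bytes]
  1: luks2
        Key:        512 bits
        Cipher:     aes-xts-plain64
        PBKDF:      pbkdf2
        Hash:       sha256
        Salt:       c9 ce 68 c8 fc 17 71 7a 9f d6 e5 c4 0a 3a 24 29
                    3c b0 8b 43 31 d2 9f 90 a8 d6 2a 2e ec 37 c3 a7
        Area offset:290816 [bytes]
Tokens:
"""

RECOVERED_DUMP = """\
LUKS header information
Version:        2
UUID:           eef0808e-5f62-4560-a996-a5df9b7b9839
Flags:          (no flags)

Keyslots:
  1: luks2
        Key:        512 bits
        Cipher:     aes-xts-plain64
        PBKDF:      argon2id
        Area offset:290816 [bytes]
Tokens:
"""


def parse_luks_dump(text):
    """Return {'version', 'uuid', 'flags': set, 'keyslots': {id: {property: value}}}."""
    hdr = {"version": None, "uuid": None, "flags": set(), "keyslots": {}}
    section = slot = last_key = None
    for raw in text.splitlines():
        line = raw.expandtabs(8).rstrip()
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:
            if line.endswith(":"):               # section header: Keyslots:, Digests:, ...
                section, slot = line[:-1], None
            elif ":" in line:                    # top-level field: Version:, UUID:, Flags:
                key, value = (s.strip() for s in line.split(":", 1))
                if key == "Flags":
                    hdr["flags"] = set() if value == "(no flags)" else set(value.split())
                elif key in ("Version", "UUID"):
                    hdr[key.lower()] = value
            continue
        if section != "Keyslots":                # Data segments, Tokens, Digests: skip
            continue
        if indent < 8:                           # "  1: luks2" opens a keyslot entry
            sid, stype = line.split(":", 1)
            slot, last_key = int(sid), None
            hdr["keyslots"][slot] = {"type": stype.strip()}
        elif ":" in line:                        # "PBKDF:      pbkdf2", "Area offset:290816 [bytes]"
            key, value = (s.strip() for s in line.split(":", 1))
            hdr["keyslots"][slot][key] = value
            last_key = key
        elif last_key:                           # wrapped continuation of a Salt/Digest value
            hdr["keyslots"][slot][last_key] += " " + line.strip()
    return hdr


def compare_dumps(original_text, recovered_text,
                  props=("type", "Key", "Cipher", "PBKDF", "Area offset")):
    """List what the recovery lost or changed; an empty list means it round-tripped."""
    orig, rec = parse_luks_dump(original_text), parse_luks_dump(recovered_text)
    problems = []
    if orig["uuid"] != rec["uuid"]:
        problems.append(f"UUID changed: {orig['uuid']} -> {rec['uuid']}")
    for flag in sorted(orig["flags"] - rec["flags"]):
        problems.append(f"flag lost: {flag}")
    for sid, slot in sorted(orig["keyslots"].items()):
        new = rec["keyslots"].get(sid)
        if new is None:
            problems.append(f"keyslot {sid} missing after recovery")
            continue
        for prop in props:
            if slot.get(prop) != new.get(prop):
                problems.append(f"keyslot {sid} {prop} changed: {slot.get(prop)} -> {new.get(prop)}")
    return problems
```

Run against the two embedded dumps, `compare_dumps` reports the lost `allow-discards` flag, the missing keyslot 0 and the PBKDF of keyslot 1 changing from pbkdf2 to argon2id. To use it on a live system, save `cryptsetup luksDump <device>` output before taking the ReaR backup and pass it together with the post-recovery output; salts and digests are regenerated by any reformat, so they are deliberately not among the compared properties.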

              Assignee: Jötnar Project
              Reporter: Pavel Cahyna