So here we are again, I encrypted my drive with luks however at some point I wanted to change the passwords.
Currently I’m not using any DE(desktop environment), I just use open-box, therefore I don’t have any of the nice gui utilities that come with Gnome or Kde. I quickly search on google 🙂 for a solution and it turns out that it is pretty much straight forward, btw I ended up on this blog which actually present a quite better looking post. However this is meant to be just a quick reference. In any case you can man cryptsetup for more infos on the matter.
You need to identify the partitions/partition you would like to change the password to, a simple ls -l /dev/disk/by-id should list all the partitions as long as you are using udev. Or you could type lsblk which will output something like this, according to your current pc configuration,
username@debian /etc :$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 149.1G 0 disk
├─sda1 8:1 0 37.3G 0 part
│ └─sda1_crypt (dm-0) 254:0 0 37.3G 0 crypt /
└─sda2 8:2 0 111.8G 0 part
└─sda2_crypt (dm-1) 254:1 0 111.8G 0 crypt /home
sdb 8:16 1 7.6G 0 disk
└─sdb1 8:17 1 7.6G 0 part /boot
So once you know wich partition you want to change the password to just type
username@debian:~$ sudo cryptsetup luksAddKey /dev/sda1
Enter any passphrase:
Enter new passphrase for key slot:
Verify passphrase:
You must enter the current paraphrase and then type in the new one twice.
Once that’s done we can go ahead and delete the old one. Type in the following
username@debian:~$ sudo cryptsetup luksRemoveKey /dev/sda1
Enter LUKS passphrase to be deleted:
Type the old password and repeat the process if you have more than one encrypted partition and that’s it.