[Bug 1210617] [NEW] luksAddKey: confusing prompts

Jedna Dvatři 1210617 at bugs.launchpad.net
Fri Aug 9 18:05:56 UTC 2013 

Public bug reported:

To reproduce:
1. Attempt to add a new key by invoking "cryptsetup -y luksAddKey [encrypted_dev_file]".
2. See the "Enter any passphrase:" prompt appear, followed by "Verify passphrase:".

Expected behavior:
User enters his new desired passphrase, which is assigned to a key slot.

Actual behavior:
Failure with message, "No key available with this passphrase." (In fact, the prompt wants an existing passphrase at this stage.)

Suggested fix:
1. The prompt should be changed to something clearer, like "Enter any existing passphrase:".
2. The second, "Verify passphrase:" prompt at this stage should be eliminated. Verification seems useless in entering an existing password. It reenforces the user's mistaken assumption that a new password is what's expected. It seems to contradict the cryptsetup man page on the '-y' option, which states, "[A mismatch is a]dvised when creating a regular mapping for the first time, or when running luksFormat." We are doing neither of those things when we are entering an existing password.

References:
http://ubuntuforums.org/showthread.php?t=1566538
http://www.saout.de/pipermail/dm-crypt/2010-September/001177.html

** Affects: cryptsetup (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1210617

Title:
  luksAddKey: confusing prompts

Status in “cryptsetup” package in Ubuntu:
  New

Bug description:
  To reproduce:
  1. Attempt to add a new key by invoking "cryptsetup -y luksAddKey [encrypted_dev_file]".
  2. See the "Enter any passphrase:" prompt appear, followed by "Verify passphrase:".

  Expected behavior:
  User enters his new desired passphrase, which is assigned to a key slot.

  Actual behavior:
  Failure with message, "No key available with this passphrase." (In fact, the prompt wants an existing passphrase at this stage.)

  Suggested fix:
  1. The prompt should be changed to something clearer, like "Enter any existing passphrase:".
  2. The second, "Verify passphrase:" prompt at this stage should be eliminated. Verification seems useless in entering an existing password. It reenforces the user's mistaken assumption that a new password is what's expected. It seems to contradict the cryptsetup man page on the '-y' option, which states, "[A mismatch is a]dvised when creating a regular mapping for the first time, or when running luksFormat." We are doing neither of those things when we are entering an existing password.

  References:
  http://ubuntuforums.org/showthread.php?t=1566538
  http://www.saout.de/pipermail/dm-crypt/2010-September/001177.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1210617/+subscriptions

More information about the foundations-bugs mailing list