[Bug 1210617] Re: luksAddKey: confusing prompts

Jedna Dvatři 1210617 at bugs.launchpad.net
Fri Aug 9 19:19:14 UTC 2013 

** Description changed:

  To reproduce:
  1. Attempt to add a new key by invoking "cryptsetup -y luksAddKey [encrypted_dev_file]".
  2. See the "Enter any passphrase:" prompt appear, followed by "Verify passphrase:".
  
  Expected behavior:
- User enters his new desired passphrase, which is assigned to a key slot.
+ User twice enters her desired new passphrase, which is assigned to a key slot.
  
  Actual behavior:
  Failure with message, "No key available with this passphrase." (In fact, the prompt wants an existing passphrase at this stage.)
  
  Suggested fix:
  1. The prompt should be changed to something clearer, like "Enter any existing passphrase:".
  2. The second, "Verify passphrase:" prompt at this stage should be eliminated. Verification seems useless in entering an existing password. It reenforces the user's mistaken assumption that a new password is what's expected. It seems to contradict the cryptsetup man page on the '-y' option, which states, "[A mismatch is a]dvised when creating a regular mapping for the first time, or when running luksFormat." We are doing neither of those things when we are entering an existing password.
  
  References:
  http://ubuntuforums.org/showthread.php?t=1566538
  http://www.saout.de/pipermail/dm-crypt/2010-September/001177.html

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1210617

Title:
  luksAddKey: confusing prompts

Status in “cryptsetup” package in Ubuntu:
  New

Bug description:
  To reproduce:
  1. Attempt to add a new key by invoking "cryptsetup -y luksAddKey [encrypted_dev_file]".
  2. See the "Enter any passphrase:" prompt appear, followed by "Verify passphrase:".

  Expected behavior:
  User twice enters her desired new passphrase, which is assigned to a key slot.

  Actual behavior:
  Failure with message, "No key available with this passphrase." (In fact, the prompt wants an existing passphrase at this stage.)

  Suggested fix:
  1. The prompt should be changed to something clearer, like "Enter any existing passphrase:".
  2. The second, "Verify passphrase:" prompt at this stage should be eliminated. Verification seems useless in entering an existing password. It reenforces the user's mistaken assumption that a new password is what's expected. It seems to contradict the cryptsetup man page on the '-y' option, which states, "[A mismatch is a]dvised when creating a regular mapping for the first time, or when running luksFormat." We are doing neither of those things when we are entering an existing password.

  References:
  http://ubuntuforums.org/showthread.php?t=1566538
  http://www.saout.de/pipermail/dm-crypt/2010-September/001177.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1210617/+subscriptions

More information about the foundations-bugs mailing list