Trying to create a key file from passphrase
This is more of a request for support, but I couldn't find this information anywhere and suspect it may be useful for others. I'm happy to patch the docs once I've solved my problem if you like.
I have a volume that I mount with createsetup open
(no luks business) and a passphrase, and want to write a script that does that for me without asking for the passphrase. I understand that I can use --key-file
, but it shouldn't contain the passphrase, but the key that is derived from the passphrase by cryptsetup
.
I have tried openssl rmd160 .backup_passphrase > .backup_key
with various modifications (keep just the 40 bits of hex key in there, keep the binary key in there, pad with zeros, pad with repeats of the hash, use sha256), but haven't made the correct guess yet.
Any hint appreciated.