cryptsetup-luks doesn't read properly from stdin. Therefore I can't get it working with pam_mount, which provides the key out of a ssl decrypted file. http://forums.gentoo.org/viewtopic-p-3122951.html#3122951 Quite old report about the same problem: http://groups.google.de/group/linux.debian.bugs.dist/browse_frm/thread/803929a178785be9 # echo $KEY >cache # cryptsetup -c aes-cbc-essiv:sha256 luksFormat /dev/hda5 cache WARNING! ======== This will overwrite data on /dev/hda5 irrevocably. Are you sure? (Type uppercase yes): YES # cryptsetup -d cache luksOpen /dev/hda5 _dev_hda5 key slot 0 unlocked. # cryptsetup remove _dev_hda5 # echo $KEY |cryptsetup luksOpen /dev/hda5 _dev_hda5 Command failed: No key available with this passphrase.
This is a problem relating to reading from a FD and terminating with \0 or \n.