Change Disk Encryption Password
Updated 4 Days AgoPublic

Main PagePureOSTips & TricksChange Disk Encryption Password

How to change the password of an encrypted LVM system


IMPORTANT: You might want to backup your data to an external hard disk before doing this, as a precaution.

Method 1: Using the terminal

LUKS allows for an encrypted partition/system to have multiple passwords and also to remove them. So to change the password we first add the new password and then remove the old one.

  • Get the name of the encrypted volume

Open the terminal application Tilix and type the command:
lsblk

It will show you the name of the partition, ignore /boot and /swap

cdp1

NOTE: In this case the encrypted volume is called sda2, but on your machine it can have a different name. Make sure you adjusted these commands to with the name of your device!

Add a new password

  • In Tilix run the command:

sudo cryptsetup luksAddKey /dev/device_name

  • It will ask you for your user password, type it and press enter.

cdp1

  • Next you will be asked for the old disk encryption password, type it and press enter.

cdp1

  • Type the new password you want for the encrypted disk, and press enter

cdp1

  • Confirm the new password and press enter

cdp1

The new password is now added

cdp1

Removing the old password

From Tilix run the command:
sudo cryptsetup luksRemoveKey /dev/device_name

cdp1

  • Type the password that you want to delete and press enter

cdp1


Method 2: Using GNOME DISKS

IMPORTANT: Because of the bug: https://tracker.pureos.net/T541, please DO NOT USE THIS METHOD for now! You will lose access to your encrypted disk.

Start up GNOME Disks and click the encrypted volume you wish to change the password for, click the gear icon and select Change Passphrase...:

cdp1

Enter your current and new password, and that's it:

cdp2

Last Author
joao.azevedo
Subscribers
None
Projects
None