→ → → Change Disk Encryption Password
How to change the password of an encrypted LVM system
LUKS allows for an encrypted partition/system to have multiple passwords and also to remove them. So to change the password we first add the new password and then remove the old one.
- Get the name of the encrypted volume
Open the terminal application Tilix and type the command:
It will show you the name of the partition, ignore /boot and /swap
Add a new password
- In Tilix run the command:
sudo cryptsetup luksAddKey /dev/device_name
- It will ask you for your user password, type it and press enter.
- Next you will be asked for the old disk encryption password, type it and press enter.
- Type the new password you want for the encrypted disk, and press enter
- Confirm the new password and press enter
The new password is now added
Removing the old password
From Tilix run the command:
sudo cryptsetup luksRemoveKey /dev/device_name
- Type the password that you want to delete and press enter
Start up GNOME Disks and click the encrypted volume you wish to change the password for, click the gear icon and select Change Passphrase...:
Enter your current and new password, and that's it:
You can use the exact same method as described for laptops. Either from the device terminal application or from ssh.
Start up GNOME Disks:
Select the storage unit:
Select the LUKS partition and press the settings button:
Select "Change Passphrase":
Type your USER password, and press "Authenticate":
Type in their respective fields:
- the current Disk Encryption Passphrase
- the new Passphrase
- confirm the new Passphrase
- press "change"
luks cryptsetup- trying to change encrypt pw
I see the warning, about using GNOME Disks to change the pw. I went to the link https://tracker.pureos.net/T541, and checked for updates to the string. Seems that mladen posted an update back in June 2020 that this issue was resolved. "Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928893 indicates that this has been fixed."
We are now headed in Jan 2021, can anyone confirm this to be true? I would prefer not to be the "ginny pig".
I tried the terminal route first and ran into some issues and did not work out as described above. My drives are set up differently, I have two drives in this machine and not listed as sda's.
Before I dove down that rabbit hole, I figured I would revisit using GNOME Disks, as it would be far easier, if its safe.
I don't have a virtual machine set up yet to test it out on.
12-30-20 update- used the GNOME Disks and reset the passphrase with no issues.
PS - Does anyone know what the little reset hole on the bottom of my Lib15 actually does? Does it restore the laptop to factory default and wipe everything? This is a fresh machine, no data to lose yet, so that is not much of an issue to go back to (Off Shelf Factory Default) and start the set up process over. I don't however get locked out of my drive by screwing up the pw reset,
Awesome, thanks for the feedback.
I used the GNOME Disks and reset the passphrase with no issues, worked pretty smoothly, no issues since.
My L15 is still hummin along just fine.
This is off track for this thread, sorry, but was still wondering..... can someone answer the last question, about the little tiny reset hole in the bottom of my L15 is for? It has a round circle printed around it with an arrow, which I would assume means reset, reset what is the question?
I have researched the manuals and docs that I can find, no mention anywhere of what its for. I am guessing that because its near the kill switches, that it might have something to do with the WiFi?
Just curious, no one seems to know in the forums either.