I'm writing a script which automatically sets up testing environment virtual machines. This script should automatically format a dmcrypt+LUKS partition for me, with a certain passphrase. Because this is a local testing environment I don't care about the security of the passphrase, I just want the entire VM setup process to be automated and non-interactive.
How can I non-interactively supply a passphrase to 'dmcrypt luksFormat'? I want to use passphrases, not keys, because in production we use passphrases for LUKS as well.
Best Answer
The first thing to do is to call the right command: it's
cryptsetup, notdmcrypt.The second thing is that you can pass another argument to read the passphrase from a file, or from standard input (using
-).Note that the
-nflag is necessary inechoto prevent a line feed from being appended to the password.See the
cryptsetupman page for other ways to pass the key material in.