OpenBSD Disk Encryption: Change passphrase

nabbisen - Jan 3 '23 - - Dev Community

Is it possible to change the passphrase after applying Full Disk Encryption by it to your OpenBSD server ?

Yes !! This post shows how. It's a really simple way with bioctl.

First, login to your server. Then run:

$ doas bioctl -P sd1
Enter fullscreen mode Exit fullscreen mode

Well, in this example, sd1 is CRYPTO volume introduced by softraid. (Moreover, sd0 is the origin disk.) In other words, sd1 here is where OpenBSD was actually installed via the installer.

You will be asked:

Old passphrase: 
New passphrase: 
Re-type passphrase:
Enter fullscreen mode Exit fullscreen mode

Enter them. That's it !!!

When reboot it, you will be accepted with the new passphrase.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .