Trying to re-encrypt a LUKS device while booted with FIPS fails with "Only PBKDF2 is supported in FIPS mode." error message

Solution Verified - Updated -

Issue

  • Trying to re-encrypt a LUKS device while booted with FIPS fails with the following message

    # cryptsetup reencrypt /dev/sda2
Enter passphrase for key slot 0: <pass phrase>
Only PBKDF2 is supported in FIPS mode.

Environment

  • Red Hat Enterprise Linux 7 and later
    • LUKS
    • FIPS

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content