Trying to re-encrypt a LUKS device while booted with FIPS fails with "Only PBKDF2 is supported in FIPS mode." error message
Issue
-
Trying to re-encrypt a LUKS device while booted with FIPS fails with the following message
# cryptsetup reencrypt /dev/sda2 Enter passphrase for key slot 0: <pass phrase> Only PBKDF2 is supported in FIPS mode.
Environment
- Red Hat Enterprise Linux 7 and later
- LUKS
- FIPS
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.