Adding a Nuke password for extra safety


Kali has modified cryptsetup to implement a new feature: you can set a nuke password which—when used— will destroy all keys used to manage the encrypted partition.

This can be useful when you travel a lot and need a quick way to ensure your data cannot be recovered. When booting, just type the nuke password instead of the real one and it will then be impossible for anyone (including you) to access your data.

Before using that feature, it is thus wise to make a backup copy of your encryption keys and keep them at some secure place.

Following the example in this section, you could add a nuke password with this command:

$ cryptsetup luksAddNuke /dev/sdb4

Enter any existing passphrase:

Enter new passphrase for key slot:

Verify passphrase:

More information about this feature can be found in the following tutorial:

https://www.kali.org/tutorials/nuke-kali-linux-luks/

Leave a Reply