# Change LUKS password prompt

## justintheknick

Is there any way to change the LUKS password prompt, from "Enter LUKS passphrase for sda..".

I have full system encryption, and when booted I'd rather the prompt be custom, such as:

"No Operating System found", just for a bit of plausible deniability to the casual user.

I've  had a look in and around certain config files looking for this string, but to no avail.

Thanks.

----------

## Shazam

I haven't used LUKS in quite some time, but I think you have two options to accomplish your goal:

first: download the source code and find the phrase in there and change it to whatever you need it. Then compile and install it by hand. This could break consistencies with your packages tho, and is probably the more hackerish way.

second: you create a wrapper script to cryptsetup which is  called instead cryptsetup. Something that will display the message of your choice, reads the input from the user and then calls cryptsetup with redirecting the output to a file or /dev/null. A check to wether or not it has been successful, is probably a good idea, too.

I don't know if that helped, but if you need some more details let me know, I haven't worked out the details. As said, haven't been using LUKS for quite some time, now.

----------

## frostschutz

Plausible deniability to the casual user (is not really my goal, but) on my system looks like this:

It boots Windows.  :Laughing: 

Linux only if my USB key is attached... I need the USB anyway for true full disk encryption... and it's useful since I also have Live CDs on there... so  :Smile:   :Cool: 

The problem with the No Operating System Found in the cryptsetup binary is that at that point, Linux kernel already booted and produced output messages, and even with quiet option you don't get rid of them all, so "No Operating System" is simply not plausible at this stage.

How about an empty read prompt where you have to enter some word before the real password prompt appears. That could be done easily and wouldn't require any modification (other than to your initramfs init script)...

----------

