How to change the password of an encrypted LVM system (previously alternate Installation, now advanced feature)?
Using the Disks application:
In Ubuntu 18.04 or newer there is the possibility of using (Gnome) Disks. Thanks for the hint, Greg Lever, after clicking around I found what Greg mentioned:
1. Open Gnome Disks.
2. Choose/Click on the main physical hard drive in the left panel.
3. Click on the LUKS encrypted partition, in this example it is Partition 3.
4. Click on the edit icon (cogs, gear wheels) and choose "Change Passphrase".
Or... using the command-line:
Here is the answer that worked for me, after Hamish helped me to realize my typo.
WARNING (for older Ubuntu versions, newer (e.g. 19.04) should be bug-fixed but be careful anyway): If you only have one key and remove it before adding another, you will render your disk inaccessible after rebooting! This also means you cannot add a new key anymore afterwards. Thanks waffl and khaimovmr for these helpful comments.
First, you need to find out which is the encrypted LVM partition, it may be sda3, but it can also be sda5 (default on Ubuntu LVM), sdX2, ...:
cat /etc/crypttab
To add a new password, use luksAddKey:
sudo cryptsetup luksAddKey /dev/sda3
To remove an existing password, use luksRemoveKey:
sudo cryptsetup luksRemoveKey /dev/sda3
View currently used slots of the encrypted partition:
sudo cryptsetup luksDump /dev/sda3
Cited from this blog. Thanks.
Be aware: Flimm experienced that Ubuntu's system keyboard layout changed from Dvorak to Qwerty. You cannot see which keyboard layout you are using (bug #1862656) and you cannot choose to display the password (bug #1862654). Also, you only get three tries before being forced to wait for 60 seconds (bug #1862660). Thanks flimm for the helpful comment!
Download "Disks" from Software Manager. Run it. Select your encrypted device partition. Click gear icon. Select "Change passphrase". That's it.
To see the slots used:
sudo cryptsetup luksDump /dev/sda5
And to find out which partition to use
cat /etc/crypttab
And if it is listed by uuid, use
ls -l /dev/disk/by-uuid/{insert your uuid here}
Then use
sudo cryptsetup luksAddKey /dev/sda5
sudo cryptsetup luksRemoveKey /dev/sda5
or
sudo cryptsetup luksChangeKey /dev/sda5
and for faster reference (assuming only 1 entry in /etc/crypttab)
sudo cryptsetup luksAddKey /dev/disk/by-uuid/$(cat /etc/crypttab | sed -e "s|\(.*\) UUID=\(.*\) none.*|\2|g")
sudo cryptsetup luksChangeKey /dev/disk/by-uuid/$(cat /etc/crypttab | sed -e "s|\(.*\) UUID=\(.*\) none.*|\2|g")
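The warning about removing the only key and the /etc/crypttab lookup in the answers above can be combined into a pre-check before luksRemoveKey. This is an added example, not code from any of the answers; the function names and sample inputs are constructed, and the slot patterns assume the usual cryptsetup luksDump layout for LUKS1 ("Key Slot N: ENABLED") and LUKS2 (a "Keyslots:" section).

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from the answers above).

# Print the backing device of every crypttab entry read from stdin.
# Handles tabs or spaces, comment/blank lines and more than one entry;
# UUID=... becomes a /dev/disk/by-uuid/ path, other sources pass through.
crypttab_devices() {
    awk '
        /^[ \t]*(#|$)/ { next }
        $2 ~ /^UUID=/  { sub(/^UUID=/, "", $2); print "/dev/disk/by-uuid/" $2; next }
        { print $2 }
    '
}

# Count the key slots in use in `cryptsetup luksDump` output read from stdin.
# LUKS2 slots are only counted inside the "Keyslots:" section, because the
# "Data segments:" and "Digests:" sections use the same "  0: ..." numbering.
count_keyslots() {
    awk '
        /^Key Slot [0-9]+: ENABLED/ { n++ }
        /^[A-Za-z]/ { in_ks = ($0 ~ /^Keyslots:/) }
        in_ks && /^[ \t]+[0-9]+: luks2/ { n++ }
        END { print n + 0 }
    '
}

# Succeed only if removing one key would still leave at least one usable key.
safe_to_remove_key() {
    [ "$(count_keyslots)" -ge 2 ]
}

# On a real system (needs root):
#   dev=$(crypttab_devices < /etc/crypttab | head -n 1)
#   sudo cryptsetup luksDump "$dev" | safe_to_remove_key \
#       && sudo cryptsetup luksRemoveKey "$dev"

# Constructed sample input, not taken from a real disk.
sample_crypttab() {
    printf '# <target> <source> <key file> <options>\n'
    printf 'sda5_crypt\tUUID=00000000-0000-4000-8000-000000000000\tnone\tluks\n'
}
sample_luks2_dump() {
    printf 'Version:\t2\nData segments:\n  0: crypt\nKeyslots:\n  0: luks2\n'
    printf '\tKey: 512 bits\nTokens:\nDigests:\n  0: pbkdf2\n'
}

sample_crypttab | crypttab_devices
sample_luks2_dump | safe_to_remove_key \
    || echo "only one key slot in use: run luksAddKey before luksRemoveKey"
```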