agherzan / yubikey-full-disk-encryption

Use YubiKey to unlock a LUKS partition
Apache License 2.0
821 stars 51 forks

ykfde-enroll failing on DISABLED key slot #102

Closed Tecknogekko closed 1 year ago

Tecknogekko commented 1 year ago

Not sure if I'm trying to add the passphrase to the key slot of the wrong device, but this is basically a breakdown of what I did, coupled with the command to add it to the disabled key slot failing (I've been assuming the script is supposed to enable that, since I can't find anywhere to enable it blank so I could just tack on a -o at the end of the ykfde-enroll). Gonna add the passphrase to sda3 as well, since I have no clue how swap affects LUKS and I can't imagine it'd hurt to just throw it on key slot 2 for both, but atm both fail with the same message.

[tim-laptop timh]# lsblk --fs
NAME                                          FSTYPE      FSVER LABEL UUID                                 FSAVAIL FSUSE% MOUNTPOINTS
sda                                                                                                                       
├─sda1                                        vfat        FAT32       87A5-C2DB                             298.9M     0% /boot/efi
├─sda2                                        crypto_LUKS 1           77065e4b-467a-46b2-9ec8-8bb811c09a5e                
│ └─luks-77065e4b-467a-46b2-9ec8-8bb811c09a5e ext4        1.0         07396079-a74e-495a-ac1a-b315dfed04a2   86.3G    15% /
└─sda3                                        crypto_LUKS 1           8cd18ede-2270-4bf0-aef5-521048252f15                
  └─luks-8cd18ede-2270-4bf0-aef5-521048252f15 swap        1     swap  9d2d5951-9fa7-4783-bebe-ebb767258663                [SWAP]
sr0                                                                                                                       
[tim-laptop timh]# cryptsetup luksDump /dev/sda2
LUKS header information for /dev/sda2

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
Payload offset: 4096
MK bits:        512
MK digest:      87 dd 89 4c 7d be 17 c8 2d ae d3 f3 9c 4e 01 49 23 21 af 9e 
MK salt:        99 63 15 11 ca ee da 08 4b 4c 82 69 75 59 8c 1e 
                fa ab b2 6a 97 6f 3e 5c bf 21 11 17 40 b0 0f e0 
MK iterations:  80117
UUID:           77065e4b-467a-46b2-9ec8-8bb811c09a5e

Key Slot 0: ENABLED
        Iterations:             1291348
        Salt:                   31 f9 9f 08 be c1 f1 24 af ec 23 49 cb de 7b a8 
                                7c 6a 0c 2c 2f 3f 93 06 02 db df 16 7f d0 9d 82 
        Key material offset:    8
        AF stripes:             4000
Key Slot 1: ENABLED
        Iterations:             1240918
        Salt:                   5f b7 7f be 8f 01 6a ce 0c a1 0a 90 50 81 19 ab 
                                d8 38 eb 38 a3 5c 62 e5 ec c3 57 2d 4a 7e 88 5d 
        Key material offset:    512
        AF stripes:             4000
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
[tim-laptop timh]# cryptsetup luksDump /dev/sda3
LUKS header information for /dev/sda3

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
Payload offset: 4100
MK bits:        512
MK digest:      27 18 bf a2 56 8c 62 5d 3f 98 42 5f d5 79 0d 5d 76 f1 d3 b9 
MK salt:        60 b9 b2 ed 1c 5c 85 59 39 e3 e3 ad 88 12 49 79 
                47 d7 d9 5d b1 4d 6e 10 68 79 36 c2 be d5 04 e2 
MK iterations:  80908
UUID:           8cd18ede-2270-4bf0-aef5-521048252f15

Key Slot 0: ENABLED
        Iterations:             1294538
        Salt:                   f1 c4 cd f5 73 bc de 10 99 42 27 b9 8c 3f fa c8 
                                87 aa af 11 64 49 12 11 66 dc 2b 7c 18 80 d4 d4 
        Key material offset:    8
        AF stripes:             4000
Key Slot 1: ENABLED
        Iterations:             1251284
        Salt:                   2b c6 10 2e 4b a6 bd 5d 34 16 ad d3 13 88 d4 be 
                                25 86 2f 44 2e 37 f5 8d 2b e0 d6 09 fd 27 13 6b 
        Key material offset:    512
        AF stripes:             4000
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
[tim-laptop timh]# ykfde-enroll -d /dev/sda2 -s 2
INFO: Setting device to '/dev/sda2'.
INFO: Setting LUKS keyslot to '2'.
WARNING: This script will utilize LUKS keyslot '2' on device '/dev/sda2'.  If this is not what you intended, please abort.
   Remember to touch the device if necessary.
Please provide the old LUKS passphrase for the existing keyslot.
 Enter passphrase:  > Adding new LUKS passphrase with 'cryptsetup'...
WARNING: The --key-slot parameter is used for new keyslot number.
No key available with this passphrase.
[tim-laptop timh]# cryptsetup luksDump /dev/sda2
LUKS header information for /dev/sda2

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
Payload offset: 4096
MK bits:        512
MK digest:      87 dd 89 4c 7d be 17 c8 2d ae d3 f3 9c 4e 01 49 23 21 af 9e 
MK salt:        99 63 15 11 ca ee da 08 4b 4c 82 69 75 59 8c 1e 
                fa ab b2 6a 97 6f 3e 5c bf 21 11 17 40 b0 0f e0 
MK iterations:  80117
UUID:           77065e4b-467a-46b2-9ec8-8bb811c09a5e

Key Slot 0: ENABLED
        Iterations:             1291348
        Salt:                   31 f9 9f 08 be c1 f1 24 af ec 23 49 cb de 7b a8 
                                7c 6a 0c 2c 2f 3f 93 06 02 db df 16 7f d0 9d 82 
        Key material offset:    8
        AF stripes:             4000
Key Slot 1: ENABLED
        Iterations:             1240918
        Salt:                   5f b7 7f be 8f 01 6a ce 0c a1 0a 90 50 81 19 ab 
                                d8 38 eb 38 a3 5c 62 e5 ec c3 57 2d 4a 7e 88 5d 
        Key material offset:    512
        AF stripes:             4000
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
[tim-laptop timh]# 
Vincent43 commented 1 year ago

Please provide the old LUKS passphrase for the existing keyslot. Enter passphrase: > Adding new LUKS passphrase with 'cryptsetup'... WARNING: The --key-slot parameter is used for new keyslot number. No key available with this passphrase.

Are you sure that you entered the correct non-ykfde passphrase at this step (the old one valid for slot 0 or slot 1)? I don't see any other explanation than that the typed passphrase was wrong.

Tecknogekko commented 1 year ago

Are you sure that you entered the correct non-ykfde passphrase at this step (the old one valid for slot 0 or slot 1)? I don't see any other explanation than that the typed passphrase was wrong.

Right so my bad. Read the prompt wrong.

Please provide the old LUKS passphrase for the existing keyslot.
 Enter passphrase:  > Adding new LUKS passphrase with 'cryptsetup'...

Took that as the keyslot I was trying to write to, which, given it's disabled, I just left blank. I'm retarded, lol...
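The failure in this thread comes down to two preconditions that `ykfde-enroll -d DEV -s N` relies on: slot N must be free, and the passphrase typed at the "old LUKS passphrase" prompt must open one of the slots that is already ENABLED, because the script hands it to `cryptsetup luksAddKey --key-slot N` (the cryptsetup warning about `--key-slot` in the pasted output is what shows that). The script below is an added example, not code from the yubikey-full-disk-encryption project: it parses the LUKS1 `cryptsetup luksDump` output as pasted above and reports, before any passphrase is typed, whether the requested slot is actually free and whether there is an existing slot whose passphrase can authorise the add. The sample dump is a trimmed copy of the `/dev/sda2` header from the issue; the function names are this example's own. It cannot verify the passphrase itself, which is the part that went wrong here.

```python
"""Pre-flight check for `ykfde-enroll -d DEV -s N` on a LUKS1 device.

Added example (not part of the yubikey-full-disk-encryption project). It reads
`cryptsetup luksDump DEV` output and checks the header-level preconditions for
adding a key into slot N. It does not, and cannot, check that the passphrase
you will type at the "old LUKS passphrase" prompt is right.
"""
from __future__ import annotations

import re
import subprocess
import sys
from dataclasses import dataclass
from typing import List, Optional, Tuple

# LUKS1 dumps list each slot as "Key Slot N: ENABLED" or "Key Slot N: DISABLED".
SLOT_RE = re.compile(r"^Key Slot (\d+): (ENABLED|DISABLED)\s*$", re.MULTILINE)

# Constructed sample: a trimmed copy of the /dev/sda2 header dump from the issue.
SAMPLE_DUMP = """\
LUKS header information for /dev/sda2

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha256
UUID:           77065e4b-467a-46b2-9ec8-8bb811c09a5e

Key Slot 0: ENABLED
        Iterations:             1291348
Key Slot 1: ENABLED
        Iterations:             1240918
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
"""


@dataclass(frozen=True)
class SlotState:
    enabled: Tuple[int, ...]
    disabled: Tuple[int, ...]


def parse_luks1_slots(dump: str) -> SlotState:
    """Return the ENABLED and DISABLED slot numbers from a LUKS1 luksDump."""
    if not re.search(r"^Version:\s+1\s*$", dump, re.MULTILINE):
        # LUKS2 dumps use a different layout ("Keyslots:" with per-slot blocks).
        raise ValueError("only LUKS1 luksDump output is handled here")
    enabled: List[int] = []
    disabled: List[int] = []
    for num, state in SLOT_RE.findall(dump):
        (enabled if state == "ENABLED" else disabled).append(int(num))
    if not enabled and not disabled:
        raise ValueError("no 'Key Slot N:' lines found in dump")
    return SlotState(tuple(enabled), tuple(disabled))


def check_enroll_target(dump: str, slot: int) -> List[str]:
    """List the header-level reasons enrolment into `slot` would fail.

    An empty list means: the slot is free, and at least one other slot is
    enabled, so a passphrase for that slot can authorise `luksAddKey`.
    """
    state = parse_luks1_slots(dump)
    problems: List[str] = []
    if slot in state.enabled:
        problems.append(
            f"slot {slot} is ENABLED; luksAddKey will not overwrite an in-use slot "
            f"(free slots: {list(state.disabled)})"
        )
    elif slot not in state.disabled:
        problems.append(f"slot {slot} is not present in this header (LUKS1 has slots 0-7)")
    if not state.enabled:
        problems.append("no ENABLED slot: nothing can authorise luksAddKey on this header")
    return problems


def first_free_slot(dump: str) -> Optional[int]:
    """Lowest DISABLED slot, i.e. the natural value for `-s`, or None if full."""
    free = parse_luks1_slots(dump).disabled
    return min(free) if free else None


if __name__ == "__main__":
    # Usage: python3 preflight.py /dev/sda2 2   (reads the real header, needs root)
    #        python3 preflight.py               (runs against the embedded sample)
    if len(sys.argv) == 3:
        dump = subprocess.run(
            ["cryptsetup", "luksDump", sys.argv[1]], check=True,
            capture_output=True, text=True,
        ).stdout
        target = int(sys.argv[2])
    else:
        dump, target = SAMPLE_DUMP, 2
    issues = check_enroll_target(dump, target)
    for issue in issues:
        print("PROBLEM:", issue)
    if not issues:
        print(f"slot {target} is free; at the prompt, type a passphrase that opens "
              f"one of slots {list(parse_luks1_slots(dump).enabled)}, not an empty one")
    sys.exit(1 if issues else 0)
```

On the thread's header this reports slot 2 as free and slots 0 and 1 as the ones whose passphrase is expected at the prompt; an empty or wrong passphrase there still produces the same "No key available with this passphrase" error, which is cryptsetup refusing the add rather than anything to do with the target slot being DISABLED.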