* Re: 2.6.0-test1 cryptoloop & aes
@ 2003-07-20 8:22 Benjamin Weber
0 siblings, 0 replies; 4+ messages in thread
From: Benjamin Weber @ 2003-07-20 8:22 UTC (permalink / raw)
To: hcb; +Cc: linux-kernel
Hello Christian
I think you need to write
losetup -e aes128 /dev/loop5 /dev/hda4 or
losetup -e aes256 /dev/loop5 /dev/hda4
instead of just
losetup -e aes /dev/loop5 /dev/hda4
If you have use for a good howto that deals with an aes cryptoloop setup
(not kernel based though) , check this one:
http://forums.gentoo.org/viewtopic.php?t=31363&start=0
--
Benjamin
> Hello,
>
>
> i try to test the cryptoloop in 2.6.0-test1. I have enabled:
>
>
> CONFIG_BLK_DEV_LOOP=y
> CONFIG_BLK_DEV_CRYPTOLOOP=y
> CONFIG_CRYPTO=y
> CONFIG_CRYPTO_HMAC=y
> CONFIG_CRYPTO_AES=y
>
>
> Then i installed the losetup from util-linux-2.12pre. When i setup
> the device like this:
>
>
> /lib/losetup -e aes /dev/loop5 /dev/hda4
>
>
> I get:
>
>
> Unsupported encryption type aes
>
>
> cat /proc/crypto:
>
>
> name : aes
> module : kernel
> blocksize : 16
> min keysize : 16
> max keysize : 32
> ivsize : 16
>
>
> Is the cryptoloop in 2.6.0 not usable yet?
>
>
> Regards,
> Christian
>
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* 2.6.0-test1 cryptoloop & aes
@ 2003-07-20 0:57 Hielke Christian Braun
2003-07-20 8:38 ` Andries Brouwer
0 siblings, 1 reply; 4+ messages in thread
From: Hielke Christian Braun @ 2003-07-20 0:57 UTC (permalink / raw)
To: linux-kernel
Hello,
i try to test the cryptoloop in 2.6.0-test1. I have enabled:
CONFIG_BLK_DEV_LOOP=y
CONFIG_BLK_DEV_CRYPTOLOOP=y
CONFIG_CRYPTO=y
CONFIG_CRYPTO_HMAC=y
CONFIG_CRYPTO_AES=y
Then i installed the losetup from util-linux-2.12pre. When i setup
the device like this:
/lib/losetup -e aes /dev/loop5 /dev/hda4
I get:
Unsupported encryption type aes
cat /proc/crypto:
name : aes
module : kernel
blocksize : 16
min keysize : 16
max keysize : 32
ivsize : 16
Is the cryptoloop in 2.6.0 not usable yet?
Regards,
Christian
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: 2.6.0-test1 cryptoloop & aes
2003-07-20 0:57 Hielke Christian Braun
@ 2003-07-20 8:38 ` Andries Brouwer
2003-07-29 23:28 ` Bill Davidsen
0 siblings, 1 reply; 4+ messages in thread
From: Andries Brouwer @ 2003-07-20 8:38 UTC (permalink / raw)
To: Hielke Christian Braun; +Cc: linux-kernel
On Sat, Jul 19, 2003 at 05:57:26PM -0700, Hielke Christian Braun wrote:
> Then i installed the losetup from util-linux-2.12pre.
You need util-linux-2.12 or later.
(try ftp://ftp.cwi.nl/pub/aeb/util-linux or so)
Andries
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: 2.6.0-test1 cryptoloop & aes
2003-07-20 8:38 ` Andries Brouwer
@ 2003-07-29 23:28 ` Bill Davidsen
0 siblings, 0 replies; 4+ messages in thread
From: Bill Davidsen @ 2003-07-29 23:28 UTC (permalink / raw)
To: Andries Brouwer; +Cc: linux-kernel
On Sunday 20 July 2003 04:38 am, Andries Brouwer wrote:
> On Sat, Jul 19, 2003 at 05:57:26PM -0700, Hielke Christian Braun wrote:
> > Then i installed the losetup from util-linux-2.12pre.
>
> You need util-linux-2.12 or later.
>
> (try ftp://ftp.cwi.nl/pub/aeb/util-linux or so)
>
> Andries
Thank you, that's the missing part. I will say that in limited use I have used
aes and twofish and they seem to work correctly. I copied a bunch of data
there, checked it against the md5 contents file and all data was correct, did
a bunch of renames, slinks, compiles, etc. unmounted and remounted a few
times. So far so good, this isn't critical data, but I'm leaning that way for
my laptop.
All this with 2.6.0-test1-ac2.
Now, for the bizarre test case, suppose I did three encrypted losetups, each
using a different encryption. Then I made a raid-5 array of the three loop
devices. created a filesystem on the md device, and ran on that. Forget the
practicality, this is a test to see of the parts are robust, can I do it and
will it work?
Now make two of those filesystems losetups of NBDs. Now I can recover if any
one machine is missing, no one can recover the data without compromising at
least two machines. again, forget practical, this is a test and maybe has
application to the devout fundamentalist paranoid. If I was going to do it
I'd loopback mount the md device, too ;-)
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2003-07-29 23:28 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-07-20 8:22 2.6.0-test1 cryptoloop & aes Benjamin Weber
-- strict thread matches above, loose matches on Subject: below --
2003-07-20 0:57 Hielke Christian Braun
2003-07-20 8:38 ` Andries Brouwer
2003-07-29 23:28 ` Bill Davidsen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).