[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Problems with migration from SuSE's loop_twofish to loop-AES
Jari Ruusu <jari.ruusu@pp.inet.fi> wrote on 16.01.03 10:20:01:
>
> Waldemar la Tendresse wrote:
> > I have been using SuSE 7.1 with an updated kernel 2.4.16-4GB from SuSE
> > including loop_fish2 module. I have an encrypted partition using the
> > SuSE twofish module. The fstab-entry for ot looks like this:
> >
> > /dev/hdd2 /mnt/ reiserfs loop,encryption=twofish,noauto,user 1 2
> >
> > As you can see, I am using reiserfs instead of ext2, as stated in
> > the loop-AES READMEs. This works just fine.
> >
> > The problem is that I want to migrate to Debian Woody 3.0r0. I am using
> > Debians kernel 2.4.20 with loop-AES v1.7a and ciphers-v1.1a and
> > util-linux-2.11.y. All the components work very well, loop-AES is
> > very fast, even with AES256. But I am not able to mount the
> > encrypted partition when running Debian with loop-AES. I already
> > tried all possible options, this means
> >
> > losetup -e twofish(128|196|256) with and without -H and -I options
> >
> > mount ..... -o loop,encryption=all three twofishes, with and without phash
> > (all possible values) and loinit (both values) (I used the readonly switch
> > in all cases, of course.)
>
> Posting exact error message would help. If error message was "ioctl:
> LOOP_SET_STATUS: Invalid argument", then loading the loop_twofish module to
> kernel before mount or losetup command should cure your problem. Do this as
> root:
>
> modprobe loop_twofish
> mount -t reiserfs /dev/hdd2 /mnt -o loop=/dev/loop0,encryption=twofish128,phash=rmd160,loinit=1
>
> Or alternatively, add this line to your /etc/fstab
>
> /dev/hdd2 /mnt reiserfs loop=/dev/loop0,encryption=twofish128,phash=rmd160,loinit=1,noauto,user 0 0
>
> And this line to your debian /etc/modules file so that loop_twofish gets
> loaded to kernel at boot.
>
> loop_twofish
>
> And then mount should work as any user, like this:
>
> mount /mnt
>
Well, probably I wasn't precise enough: Of course I did a modprobe / insmod first, which
worked as it should to, without any error messages. losetup works without problems, too.
That is the point! I do not get any error messages, still I can access /dev/loopX (with X
standing for the loopdevicenr used as argument to losetup), but the stream I get, when
I use for example
cat /dev/loopX
is still encrypted (I tried all combinations of all possible options to losetup, as I stated out
before).
But when I do this on SuSE, I get the unencrypted stream with strings like "ReIsErFs" in
it. That is the reason why I assume the modules does not (really) decrypt how it is
supposed to be.
I even compared the two sources and didn't see any essential changes which could explain
this (besides Jari's improvements of course ;-) )
One further hint: If I try to acces the filesystem using
mount -t reiserfs /dev/hdd2 /mnt \
-o loop=/dev/loop0,encryption=twofish128,phash=rmd160,loinit=1
reiserfs complains that it does not find it's superblock, which is one more evidence that
the device is still crypted.
I also checked the reiserfs versions, they are both the same.
Regerds,
W. la Tendresse
______________________________________________________________________________
Wieviele E-Mail-Adressen haben Sie? Eine, fünf oder gar zehn? Verwalten
Sie doch einfach alle unter: http://freemail.web.de/features/?mc=021120
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/