
Re: 2.6 cryptoloop questions



mike@flyn.org wrote:

> 1.  What is the deal with adding arguments to losetup so that the program will 
> support calling external hashing programs (Ben Slusky's work I think)?  I have 
> been hashing passwords with openssl, a pipe and losetup's -p 0 option for quite 
> some time.  Why is the additional code needed?  Am I missing something here?

I think it is so you can specify options to the mount(8) program in 
/etc/fstab; this might give people the option of a rather powerful 
system setup with management from only one file (/etc/fstab) -- you can 
imagine not having to use a crypto-swap wrapper script, for example.


> 2.  Is it safe to use the 2.6 code to encrypt a swap partition (or safe to
> start testing this since this is all experimental code)?

I certainly think so.

> 3.  Mount needs to support variable key sizes.  I have seen a little discussion  
> about this but I fear much of it went on using other mailing lists.  Losetup 
> supports variable key sizes so mount should somehow.  Granted, losetup is not 
> usually suid root, but the code addition to mount is minimal and mount is 
> essentially broken without it.  Comments?

Loop-AES patches to losetup certainly support this, so it must be useful 
to people. Investigate at loop-aes.sourceforge.net

Thanks for your comments!

-- boyd


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/