[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Multi-key loop-aes question
Daniel Harvey wrote:
> I'm using the latest version of loop-aes (2.0f) on Debian. I can only key
> the multi-key mode to work off a GnuPG encrypted key, not otherwise.
>
> I create 64 keys using:
>
> head -c 2880 /dev/random | uuencode -m - | head -n 65 | tail -n 64
>
> and then pass them into losetup using 'cat xxx | losetup -p0 ...'.
>
> Am I doing something wrong?
>
> Any thoughts appreciated...
Currently only "mount -o encryption=AES128,gpgkey=filename",
"losetup -e AES128 -K filename" and "swapon -a" can set up loop in multi-key
mode with MD5 IV.
If you are trying to set up encrypted swap partition, "swapon -a" with
"loop=/dev/loop6,encryption=AES128" options in /etc/fstab will set up
loop in multi key mode with random keys. If you are trying to set up
encrypted /tmp partition, you may want to take a look at tmpfs file system
that uses encrypted swap.
--
Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/