[Cryptofs-devel] Encrypted root
Max Vozeler
max@hinterhof.net
Thu, 29 Jan 2004 22:53:02 +0100
On Thu, Jan 29, 2004 at 10:10:27PM +0100, gz wrote:
> On Thursday 29 January 2004, alle 22:00, Max Vozeler wrote:
>
> > Encrypted swap works with swapon/swapoff from loop-aes-utils. All
> > thats required is to have an entry of the encrypted swap partition
> > in /etc/fstab [0] and swapon will do the losetup automatically.
>
> sure, i know that. but i mean, what about to implement the crypto swap
> too?
Implement in what way? I'm not sure I understand what you mean.
> by the way, the util-linux isnt still patched for work with this stuff
> at the moment. or i'm wrong? i've patched it manually and put on hold.
The util-linux Debian package has an incomplete (neither seeding nor
iterating) crypto support that unfortunately doesn't support the cipher
modes of loop-AES. I have no idea what this looks like for cryptoloop-
source. I've exchanged some emails with the util-linux maintainer
suggesting a unified patch but no decision was made. (Bug #164144)
One problem is that util-linux upstream apparently hasn't decided about
crypto support yet . During the 2.11z development phase Andries Brouwler
was quite open about this and said he considered either of two available
unified crypto patches at the time, one by Fruhwirth Clemens and another
one with support for different syntaxes by Jari Ruusu.
Jari's unified patch has suffered bit-rot since and cannot be used
with current versions of loop-AES (2.0b+) as it lacks important support
for multikey GnuPG files. So we are back at the beginning :-(
So I decided to continue building a loop-aes-utils package with
the required binaries from the util-linux package patched with the
latest patch as distributed with loop-AES. I plan to upload this
package to the Debian archive soon.
Cheers
Max
--
Max Vozeler <max@hinterhof.net> http://hinterhof.net/~max
GnuPG B7CDA2DC : 308E 81E7 B979 63BC A0E6 ED88 9D5B D511 B7CD A2DC