LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   loop-AES dm-crypt and Gentoo (https://www.linuxquestions.org/questions/linux-software-2/loop-aes-dm-crypt-and-gentoo-200454/)

PrimusXPrimus 07-02-2004 05:30 PM

loop-AES dm-crypt and Gentoo
 
I made encrypted a pair of disks using loop-AES on Debian Woody. I recently formatted my system disk to Gentoo. I saved the encryption keys for the other disk. The problem is, the script I had written called for this:

losetup -e aes -k 128 -p 0 /dev/loop0 /dev/hde > /keyfile

In other words, create a loopback device based on this hard disk and unencrypt it using the AES cipher and the contents of "keyfile" which is a 128 bit key.

So what I did was download the freshest util-linux and aes-loop. I patched util-linux and compiled with no problem and I was able to make and install loop.ko with no problem as well. I compiled my kernel without loopback support, and loaded loop.ko using

modprobe loop

modprobe -l verifies that it is loaded.

So far so good. The problem is that this version of losetup no longer takes the -k option and I can't remember what version I was using before. I also can't remember if I used patched util-linux or Crypto-API. Okay, so i changed "aes" to "aes-128". Now I enter the command:

losetup -e aes-128 -p 0 /dev/loop0 /dev/hde > /keyfile

I get no errors, but when I try to mount loop0 I get told that it can't find a filesystem on the device. Shit. Is this a problem with the "offset"? Why have the parameters of this program changed? I'm not sure what's going on here.

robert.piro 10-12-2004 05:18 PM

I am facing the same problems:
I migrated my machine from RH9 to Gentoo 2004.2 (2.6.7-gentoo-r11) and tried to mount aes encrypted files as ext2 filesystems.
All I get is

# mount -text2 aes256.dsk disk/ -oencryption=aes-256,loop
Password:
mount: wrong fs type, bad option, bad superblock on /dev/loop0,
or too many mounted file systems
(could this be the IDE device where you in fact use
ide-scsi so that sr0 or sda or so is needed?)

At the moment I have compiled cryptoloop support and aes cipher as modules (but I also tried them as kernel built-ins, since I did not know what else to try)
# lsmod
Module Size Used by
cryptoloop 2788 -
aes 31648 -
loop 12332 -
ipv6 224608 -
nvidia 4817140 -


I have also downloaded util-linux-2.12.tar.gz, patched and installed it and I have tested out loopAES as described in loopAES-README . Unfortunately my password was not long enough for loopAES (at least 20 chars); I did not use loopAES in RH9 anyway, though.

What did I miss, what can I do? Do you have already a solution, PrimusXPrimus (except reinstalling RH9 and hoping to find the right patch)?


All times are GMT -5. The time now is 05:34 AM.