loop-AES dm-crypt and Gentoo
I made encrypted a pair of disks using loop-AES on Debian Woody. I recently formatted my system disk to Gentoo. I saved the encryption keys for the other disk. The problem is, the script I had written called for this:
losetup -e aes -k 128 -p 0 /dev/loop0 /dev/hde > /keyfile In other words, create a loopback device based on this hard disk and unencrypt it using the AES cipher and the contents of "keyfile" which is a 128 bit key. So what I did was download the freshest util-linux and aes-loop. I patched util-linux and compiled with no problem and I was able to make and install loop.ko with no problem as well. I compiled my kernel without loopback support, and loaded loop.ko using modprobe loop modprobe -l verifies that it is loaded. So far so good. The problem is that this version of losetup no longer takes the -k option and I can't remember what version I was using before. I also can't remember if I used patched util-linux or Crypto-API. Okay, so i changed "aes" to "aes-128". Now I enter the command: losetup -e aes-128 -p 0 /dev/loop0 /dev/hde > /keyfile I get no errors, but when I try to mount loop0 I get told that it can't find a filesystem on the device. Shit. Is this a problem with the "offset"? Why have the parameters of this program changed? I'm not sure what's going on here. |
I am facing the same problems:
I migrated my machine from RH9 to Gentoo 2004.2 (2.6.7-gentoo-r11) and tried to mount aes encrypted files as ext2 filesystems. All I get is # mount -text2 aes256.dsk disk/ -oencryption=aes-256,loop Password: mount: wrong fs type, bad option, bad superblock on /dev/loop0, or too many mounted file systems (could this be the IDE device where you in fact use ide-scsi so that sr0 or sda or so is needed?) At the moment I have compiled cryptoloop support and aes cipher as modules (but I also tried them as kernel built-ins, since I did not know what else to try) # lsmod Module Size Used by cryptoloop 2788 - aes 31648 - loop 12332 - ipv6 224608 - nvidia 4817140 - I have also downloaded util-linux-2.12.tar.gz, patched and installed it and I have tested out loopAES as described in loopAES-README . Unfortunately my password was not long enough for loopAES (at least 20 chars); I did not use loopAES in RH9 anyway, though. What did I miss, what can I do? Do you have already a solution, PrimusXPrimus (except reinstalling RH9 and hoping to find the right patch)? |
All times are GMT -5. The time now is 05:34 AM. |