LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   how to set encryption keyseze (losetup) in slack 10 (https://www.linuxquestions.org/questions/slackware-14/how-to-set-encryption-keyseze-losetup-in-slack-10-a-201775/)

qwijibow 07-06-2004 12:31 PM
how to set encryption keyseze (losetup) in slack 10
 
im using slackware 10 with the 2,6,7 kernel.

in some distro's you specify the encrpyion keysize with

losetup -e aes -k 256 /dev/loop0 /dev/hda2 # -k 256 is the keysize

in toher distro's

losetup -e aes256 /dev/loop0 /dev/hda2 # 256 is the keysize

and in a few, its

losetup -e aes-256 /dev/loop0 /dev/hda2 # 256 is the keysize

but i cant work it out in slackware to.
it does work when i dont specify a keysize

losetup -e aes /dev/loop0 /dev/hda2
but i dont know what size key and therefore how secure this is.

what am i missing ?

(and yes, loop, cryptoloop and aes are loaded.

Vincent_Vega 11-18-2004 04:41 PM
I can't answer your question but since you're using this too I have a question for you. I have both the 2.4.6 and 2.6.9 kernels but I cannot get the losetup command to work for me in 2.4.6. It takes the password and then returns an error (can't remember what error exactly right now...). It's fine in the 2.6 series though.
Any suggestions? I have aes and loopback compiled in the kernel.

qwijibow 11-18-2004 06:00 PM
losetup was dropped in kernel 2.6 in favor of dm-crypt.


emerge cryptsetup

and make sure you compiled "dm-crypt" and "dm-mod" and "aes" kernel modules

dm-crypt is a MUCH better system than cryptoloop.

Vincent_Vega 11-18-2004 06:53 PM
But cryptoloop still exists? I'm using it just like I was before:
losetup -e aes /dev/loop0 /dir/file
I specifically compiled in cryptoloop for 2.6 for this reason so I'll have to explore dm-crypt.
But how about the 2.4 kernel? That's where I'm having problems. I may just stick with 2.6 and dm-crypt though.
Thanks for the help!

qwijibow 11-19-2004 05:17 AM
i would recoment converting all your encryption to dm-crypt.

crypt-o-loop is buggy, slow, and requires you to do annoying patches on system programs like mount, losetup etc etc.

dm-crypt is clean, better designed, easyer to install and use... its just great ;) !
instead of owrking off the loop device, it works with the Device Mapper... dm-crypt is in the "Raid and LMV" section.. but dont worry, you dont need raid or lmv to use dm-crypt with a normal hard disk :)

Vincent_Vega 11-19-2004 02:59 PM
Ok, I'll do that. I was also looking into loop-aes. Any comments on that? I've read that loop-aes is actually better the dm-crypt but I would have to look into it some more to know for sure.
Any information is appreciated.

qwijibow 11-20-2004 05:17 PM
Loop-aes has a few more features that dm-crypt. but just like crypto-loop it depends on the messy buggy loopback driver. and it has also been dropped in favor of dm-crypt.

so for now, loop-aes has more features than dm-crypt. but dm-crypt is an active code project. loop-aes is not in the main kernel tree (like dm-crypt) and will not be available for the next 2.8 linux kernel.

basically.. dm-crypt is the way to go. read the documentation in the kernel source code.

Vincent_Vega 11-20-2004 06:37 PM
Ok, thanks. I'll stick with dm-crypt.


All times are GMT -5. The time now is 01:03 AM.