Roger Heflin wrote: > I am not sure what version mine last worked on. I would guess the > default changed on 39 or 40. > > What fixed it for me (type plain password from stdin) was adding > --hash ripemd160 (they appear to have changed the default hash, BAD > developer). > > Guessing related to this: > https://gitlab.com/cryptsetup/cryptsetup/-/issues/758 > > And given people could have a script/command to mount like this(and > ask for a password), changing the default is not nice especially since > it will break the password working with no indication of anything > except the password/hash not decrypting the fs. This would have been in cryptsetup-2.7.0, so Fedora 40. Upstream does note this backward incompatible change in the 2.7.0 release notes¹ and it doesn't seem like they made it just to make it. Sure, it's annoying when it happens and catches one of us, but it is a necessary evil sometimes. Relevant to the initial problem in this thread, does anything in Fedora use cryptsetup plain mode by default? Doesn't the installer use LUKS when encrypting a drive (which isn't affected by this change) and lack support encrypting /boot or /boot/efi? I thought that was something you could do, but you had to work it out on your own? ¹ https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/docs/v2.7.0-ReleaseNotes?ref_type=heads#L148-177 -- Todd
Attachment:
signature.asc
Description: PGP signature
-- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
