On Mon, Mar 11, 2002 at 03:33:21AM +0100, m96 wrote: > 1) is there is a way to specify the aes encryption with whatever key > length over the command line? like: > > losetup -e aes128 /dev/loop0 crypto > > because this gives the error: > > The cipher does not exist, or a cipher module needs to be loaded into > the kernel > ioctl: LOOP_SET_STATUS: Invalid argument > > but my /proc/crypto/cipher/ shows: > > -r--r--r-- 1 root root 0 Mar 11 03:28 aes-cbc > -r--r--r-- 1 root root 0 Mar 11 03:28 aes-ecb > > > if i only give the following line losetup asks me which key length i > want to use: > > losetup -e aes /dev/loop0 crypto > Available keysizes (bits): 128 192 256 > Keysize: > > this way i can't use the '-p' option of losetup to get the passwd over > file descriptor. and that's bad..... Yes. You should use `losetup -e cipher -k keysize /dev/loopDEV path_to_underlying_file`. See losetup(8). You pass the cipher name to the "-k" option, and there is no cipher named "aes128". > 2) is there a way to find out if the given passwd is correct or not > before trying to mount the fs and notice that mounting fails because of > bad passwd? something like.... > > mount: wrong fs type, bad option, bad superblock on /dev/loop0, > or too many mounted file systems I hope there isn't. And there shouldn't be -- the puprpose of cryptography is to make your data accessable only to those who know the password, if there was a way to tell if a password is invalid, there would have been a way to brute force your encrypted partition (a character in a password usually give about 5 bits of data, and thus an 8-character password gives 5*8 = 40 bits which is breakable, and far less secure than a 256-bit crypto key). > 3) is there a way to change the passwd? because for example if the user > has the same passwd as the login passwd and now someone find out the > passwd. what now???? is the only solution for this creating a new crypto > file and copying all it's content from one to an other? I'm sure there is, but I don't know it. Success, -- Pav - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
