On Thu, 31 Jul 2003 11:41:25 +0200, Andries.Brouwer@xxxxxx wrote: > The patches I got were maximal, too much junk. > So I went for a minimal version instead. > > It is usable (when the kernel part is stable, which it isn't today) > but mount/losetup may well acquire a few options before it is > conveniently usable. Can we discuss those options now? I find the latest losetup to be completely unusable, tho' I appreciate the effort that's gone into it so far. Firstly, are the other key size choices (128-bit, 192-bit) gone for good? If so then I'll need to redo this entire hard disk (which currently uses 128-bit AES) before I can test 2.6 on my laptop. Secondly, there's the issue of passphrase hashing. I agree with the decision to cut it out of losetup, but where do we put it now? Andries has suggested an external program, but this isn't as simple as it sounds. To get this working would require a new way of reading the passphrase, since the hashed passphrase might contain a newline, or a null. Maybe change the semantics of the -p option, so that: losetup -e aes /dev/loop/10 /home/sluskyb/testloop will work when I give it the passphrase "foobar", but also pwhash -h sha1 |losetup -e aes -k 128 -p 0 /dev/loop/0 \ /dev/discs/disc0/part3 will read exactly 16 bytes of (probably) non-printable chars and use that as the key. Questions? Comments? Flames? -- Ben Slusky | A free society is a society sluskyb@xxxxxxxxxxxxxx | where it is safe to be sluskyb@xxxxxxxxxx | unpopular. PGP keyID ADA44B3B | -Adlai Stevenson - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
