Marco Menzel wrote:
> I've a big problem with cryptoapi.
> After upgrading to kernel 2.6.0-test4 for several testings I get the
> following message:
> "Error: Password can contain characters only from the set:
> a-zA-Z0-9./". This happens by mounting my AES-cryptofile.
> I've used blanks in my passphrase since last December. How can I get
> my data back from cryptofile?
> Which version of cryptoapi and/or util-linux will work again?
> Now I'm using cryptoapi 0.1.0 and util-linux 2.11r patched for
> cryptoapi.
You seem to be using mount (and losetup) from loop-AES package. This
"character only from set a-zA-Z0-9./" is for compatibility with ancient
loop-AES-v1.0c versions. No one should be using that anymore.
To mount old vulnerable kerneli.org formatted partitions, use mount command
like this:
mount -t ext2 /dev/hda9 /mnt9 -o loop=/dev/loop0,encryption=AES128,phash=rmd160
^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^
Note that kerneli.org implementations do not use seeded+iterated passwords
and are vulnerable to optimized dictionary attacks. If you want your data to
be secure, you should re-encrypt it with seeded+iterated password setup.
Regards,
Jari Ruusu <jari.ruusu@xxxxxxxxxx>
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
