On Sun, 14 Sep 2003 20:30:30 +0300, Pasi K?rkk?inen wrote: > I couldn't get the fs to work with the new kernel. losetup complained > something about the encryption type or so (Sorry, I don't have the exact > error message available now..) That is to be expected. > I tried using util-linux 2.12, and encryption type aes-cbc-256 like this: > > hashalot ripemd160 | ./losetup -p0 -e aes-cbc-256 /dev/loop0 /dev/vg0/lv0 > > But I couldn't mount the loop0 after this.. so the key was not set up like > in my patch-int+loop-hvr combo.. Hm... in this case I wouldn't expect it to be. You're using 256-bit encryption, but the output of RIPEMD-160 is only 160 bits. It is possible that hashalot sets the remaining bits differently than the old losetup code. I'll see if I can't fix that, but meantime I strongly recommend that you re-encrypt with an SHA-256-hashed key (or maybe even SHA-384). Right now you're really using 160-bit AES. -- Ben Slusky | If Apollo 13 went off course today sluskyb@xxxxxxxxxxxxxx | [they'd] open the airlock, flush sluskyb@xxxxxxxxxx | the astronauts out, and re-install PGP keyID ADA44B3B | new ones. -Kibo - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
