Hey, I just wanted to send a quick not that I was able to get the crypto stuff working for kernel 2.4.26.
The problem was that the "make xconfig" system wasn't letting me turn on the selection of the CryptoAPI and the cryptoloop at the same time. I had to use "make menuconfig" instead. That worked!
That was a really strange thing. I have no idea why it was happening. I repeated this problem several times to show that it wasn't a fluke. It's just that "make xconfig" has a bug.
Anyway, thanks to everyone for helping me out. And I think I'm gonna switch to Jari's loop-aes after all. The note about there being potential vulnerabilities in the normal cryptoapi stuff was kind of frightening.
Steve
From: Thomas Sjögren <thomas@xxxxxxxxxxxxxxxxxxxx> Reply-To: thomas@xxxxxxxxxxxxxxxxxxxx To: Lohan Knight <lohan_knight@xxxxxxxxxxx> CC: linux-crypto@xxxxxxxxxxxx Subject: Re: Help trying to setup an encypted filesystem. Date: Wed, 23 Jun 2004 17:00:44 +0200
On Tue, Jun 22, 2004 at 10:21:43PM -0500, Lohan Knight wrote: > Is there supposed to be a util-linux patch file for crypto stuff for > util-linux verison 2.12a? If so, where?
ftp://ftp.kernel.org/pub/linux/utils/util-linux/
$ egrep 'cryptoloop|passphrase' util-linux-2.12a/HISTORY * losetup: cryptoloop support * losetup: -p option specifies fd for passphrase * mount: -p option specifies fd for passphrase
cryptoloop support was added in 2.12.
> I'm not sure how you accomplished that. Because whenever I use > "make xconfig" and select "cryptoloop" from the menu, it automatically > turns off all of the CryptoAPI stuff. I mean, I go back to the > CryptoAPI stuff, and it's all grayed out. I turn off the cryptoloop > item in the Block Devices menu, and then go back to the CryptoAPI > section, and all of the CryptoAPI stuff is back and no longer > grayed out. This tells me that someone doesn't want you to use > both. Why? Who knows. But I could always try manually > including both in the config file and see what happens.
I've never used 'xconfig' and it works well when just using 'config'.
> Ah. So if I use CryptoAPI instead of loop-aes, then all of the > util-linux stuff should work without any patches?
Yes, if you use 2.12 or later.
> But if I use > loop-aes, then I need to patch util-linux? Does that sound > right?
As Jari wrote yesterday, you can use the normal util-linux for loop-aes as well, but functionality will be lost.
> So if that is so, then my problem seems to be that I can't > select in "make xconfig" the cryptoloop item and the > CryptoAPI items at the same time. No patching of util-linux > would be necessary it sounds like. I just need to manually > enter the config options to turn on cryptoloop and CryptoAPI > at the same time. That should get me up and running.
Hopefully :)
/Thomas -- == thomas@xxxxxxxxxxxxxxxxxxxx | thomas@xxxxxxxxxxxx == Encrypted e-mails preferred | GPG KeyID: 114AA85C -- << signature.asc >>
_________________________________________________________________
Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
- Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/