Bill Soudan wrote:
> Did you use a clean copy of util-linux, or the patched version provided
> by FC4? From your above comments, I'm guessing you used a clean copy...
I used stock util-linux + patch from loop-AES
> > What does "losetup /dev/loop3" say? It should say "multi-key-v2"
>
> $ /sbin/losetup /dev/loop3
> /dev/loop3: [000e]:748 (/dev/hdb4) encryption=AES128 multi-key-v2
Did it say 'multi-key-v2' on the your earlier version of losetup?
It is possible that you used old single-key-only aware losetup with 64 keys.
In that case only first key was used, and the loop was really set up in
single-key mode.
Try this:
cat keys | head -n 1 | /sbin/losetup -p 0 -e AES128 /dev/loop3 /dev/hdb4
^^^^^^^^^
mount /dev/loop3 /mnt/storage
If that works, then this was caused by the "time-bomb" as explained in
loop-AES README section 7. If multi-key example is used with single-key-only
aware losetup, then things go south when losetup is upgraded to newer
multi-key aware one.
> $ /sbin/losetup /dev/loop3
> /dev/loop3: [000e]:748 (/dev/hdb4) encryption=AES128 multi-key-v2
Good.
> $ strings -a /sbin/losetup | grep multi-key
> multi-key-v3
> multi-key-v2
Good.
Your losetup is from loop-AES-v3 and understands v1, v2 and v3 key files.
--
Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
