Hi,
while experimenting with dm-crypt (+LUKS) I wonder if I could choose
another hash for the ESSIV (-c) to see if this would affect
performance later on:
# KEY="`dd if=/dev/urandom bs=1 count="128" 2>/dev/null`"
# echo "$KEY" | cryptsetup -c aes-cbc-essiv:sha1 --key-size 128 \
luksFormat /dev/md0
Failed to setup dm-crypt key mapping.
Check kernel for support for the aes-cbc-essiv:sha1 cipher spec and
verify that /dev/md0 contains at least 133 sectors.
Failed to write to key storage.
When using "-c aes-cbc-essiv:sha256" the command succeeds. Using "-c
aes-cbc-essiv:sha" (without the "1" in "sha1") did not help. The SHA
modules are loaded:
# grep name.*sha /proc/crypto
name : sha1
name : sha256
name : sha384
name : sha512
I'm using cryptsetup-luks 1.0.3 on a x86_64 sytem, different kernels
were tried (2.6.17-10 from ubuntu, 2.6.19-rc6-mm2, 2.6.19-rc6-git12...)
Any ideas what could cause these errors?
Thanks,
Christian.
--
BOFH excuse #192:
runaway cat on system.
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
