Hi, SUSE Linux used to ship a losetup with loop-AES patches. For 10.3 we'd like to stay closer to upstream util-linux-ng and get rid of such paches. In order for users to still be able to mount their old encrypted volumes dm-crypt/crypsetup must be able to handle them. That works just fine for the majority of volumes as they are just twofish-cbc-null with sha512 passphrase hash. There are also volumes around that use the 'itercountk' option of loop-AES' losetup though. That means the passphrase hash additionally needs to be encrypted using aes. I wonder whether to implement that method directly in cryptsetup or whether to write a separate program like hashalot that can be used to pipe the binary key into cryptsetup. The former is certainly more convenient for users whereas the latter is less intrusive and likely easier to implement. Any opinions on that? cu Ludwig -- (o_ Ludwig Nussel //\ SUSE Labs V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
