A little more experimenting and I have found that twofish doesn't seem to work in any combination; /var/log/kern shows: device-mapper: table: 254:0: crypt: Error setting key a cursory investigation of kernel source shows that the only requirement for key length is that it must be a multiple of 8 characters (64 bits) and the comments seem to focus on lengths of 192 and 256 bits, so I don't believe that the keylength in my experiment is the problem, not sure what else it could be...I'm going to try and compile another kernel and see if that fixes the problem...does anyone know if this is a known bug with any particular kernel build. (I'm running Ubuntu Hardy Heron, uname gives "2.6.24-12-server") I'm assuming that for the most secure operation the chainmode should be xts and the ivopts should be benbi. On a related note does benbi require (or use) an ivmode, or is it just cbc that needs a hash appended to it? I'd be most grateful if Christophe or Clemens could fill in a few blanks for me (and the rest of the list of course :-) D. --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
