hmmm. It now works.. I seem to have miscalculated a factor of 8 somewhere, the correct size of my key was 1216bytes=9728bits I also had to change lib/utils.c to 483c483 < for(i = 0; read_horizon == 0 || i <= read_horizon; i++) { --- > for(i = 0; read_horizon == 0 || i < read_horizon; i++) { Will this patch break other keys??? .. Now I can use the following udev ruleDRIVERS=="usb" ACTION=="remove" SUBSYSTEM=="usb", ENV{ID_SERIAL_SHORT}=="001D", RUN+="/usr/bin/xscreensaver-command -display :0.0 -lock" DRIVERS=="usb" ACTION=="remove" SUBSYSTEM=="usb", ENV{ID_SERIAL_SHORT}=="001D", RUN+="/sbin/cryptsetup luksSuspend safe"
DRIVERS=="usb" ACTION=="add" SUBSYSTEM=="usb", ENV{ID_SERIAL_SHORT}=="001D", RUN+="/usr/bin/xscreensaver-command -display :0.0 -deactivate" DRIVERS=="sd" ACTION=="add" SUBSYSTEM=="block", ENV{ID_SERIAL_SHORT}=="001D", RUN+="/usr/sbin/cryptsetup luksResume safe -d /dev/%k -s 9728"
Milan Broz wrote:
On 05/06/2010 03:26 PM, Warren Crossing wrote:Milan Broz wrote:On 05/06/2010 11:54 AM, Warren Crossing wrote:I am using cryptsetup 2:1.1.0-2.1 from debian I tried to get the cvs but cant dig cvs.saout.de (not even from saout.de ns)?????http://code.google.com/p/cryptsetup/ (where do you get that old cvs address?)From www.saout.de. - is this an old dead site?No, but svn and project page is now on Google code site. There is lot of old information on wiki seems (But IIRC link to cryptsetup page was updated. Strange.)try 1.1.1-rc2 please and if it doesn't work, I need some reproducer (I tried simple passphrase and it works here, I think I even used 1.1.0 for test)I don't have a spare disk handy (perhaps tonight I can try) - so I tried with loops, but it fails with "Device /dev/loop4 is not a valid LUKS device."luksSuspend/Resume is supported on LUKS devices only, it will be never supported for plain devices (there is no way how to verify the passphrase is correct, it can lead to data corruption.) Instead ofcryptsetup -c aes-plain -h sha512 -b 2048 create test /dev/loop4 -d keyyou have to use cryptsetup luksFormat /dev/loop4 key then cryptsetup luksOpen /dev/loop4 -d key Keep default cipher better, not sure why are you using known-IV vulnerable mode here... Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt