* Arno Wagner <arno@xxxxxxxxxxx> wrote: > * How can I use cryptsetup to mount loop-AES encrypted devices? > > (By ttsiodras) With these commands: > sh# losetup /dev/loop0 /path/to/whatever/file/or/volume > sh# cryptsetup -c aes-plain -h sha512 create crypted /dev/loop0 > Enter passphrase: > sh# mount /dev/mapper/crypted /mnt/heaven > > The above work for aes256 - for aes128, use "sha256". Wth... The user who submitted that must have been hiding under a rock quite some time. At best, the mentioned foo works for single-key loop-AES images. That's ancient, and since ages not even slightly a recommended loop-AES usage. Maybe he can comment on that madness? loop-AES.README has been clearly stating for years that a multi-key setup has to be used, namely v3. An example /etc/fstab entry: /dev/sda666 /mnt666 ext3 /defaults,noauto,loop=/dev/loop3,encryption=AES128,gpgkey=/keyfile.gpg 0 The correct line to unlock the listed volume via losetup is done via losetup -F /dev/loop3 I sincerely doubt current stock dm-crypt is able to mount multi-key loop-AES volumes. (Maybe someone using both can shed light on this in more detail, I might have missed the integration of that patch mentioned below) Full access support for multi-key loop-AES volumes might evolve from the work of Max Vozeler, first patch available at: http://www.spinics.net/lists/crypto/msg04952.html -- left blank, right bald
Attachment:
pgpMwQ2sj98S0.pgp
Description: PGP signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
