On 09/26/2012 03:17 PM, Ralf Ramsauer wrote: > cryptsetup create asd ./foobar --cipher=aes-cbc-essiv:sha256 --key-file key > or > cryptsetup create asd ./foobar --cipher=aes-cbc > Enter Passphrase: .......... # cryptsetup create asd ./foobar --cipher=aes-cbc Enter passphrase: device-mapper: reload ioctl on failed: Invalid argument device-mapper: table ioctl on failed: No such device or address > > work fine. nope :) Which version you are using? First, for historic reasons, there are some shortcuts: "aes" and "aes-plain" will translate to "aes-cbc-plain" but "aes-cbc" is not valid shortcut (and cbc mode require IV specification ) If you are not sure, just run cryptsetup status <active device> and it will print full mode spec. of active device. FO scripts, please always use full specification, the above is just to provide compatibility with old cryptsetup. Format is <cipher>-<mode>-<IV/params> plain/plain64 IV is just sector number, so no dependence on passphrase/key. (If used with CBC mode, it is not secure.) For more info about available IV modes see http://code.google.com/p/cryptsetup/wiki/DMCrypt#IV_generators Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
