On 08/02/2018 03:42 PM, Ingo Franzki wrote:
On 02.08.2018 15:05, Ondrej Kozina wrote:
On 08/02/2018 12:38 PM, Ingo Franzki wrote:
A better error message is fine, but I would rather like to see a fix that makes cryptsetup-reencrypt work with non-default LUKS2 header sizes
This commit in wip-luks2 branch should fix it 1f36e33a. I need to add some tests yet, but hope this is it. Provided it passes tests I think this may get in 2.0.4 since it's one-liner.
Wow that was quick!
I checked out wip-luks2, built it, and tested it out on my system. Works great! Even with the PAES cipher.
Will the smaller header area have any negative impact on LUKS operations later on?
Like does it allow less keyslots due to the reduced header space?
If you grow volume key size after conversion to LUKS2, yes, you may end
with header where you fit less than 8 active keyslots.
New features that would benefit from larger metadata area in LUKS2
header may also not work optimally (i.e future online reencryption).
Regards
Ondrej
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
https://www.saout.de/mailman/listinfo/dm-crypt
