If this is not the right place to post about
util-linux, please tell me where to post.
I'm posting here because util-linux is at kernel.org.
_____________________________
I had a loop filesystem encrypted with twofish
algorithm.
Today, trying to mount the file, 'mount' claimed
I needed to enter a password of 20 chars or more!
Since I used less chars to encrypt, I was not able
to recover the information!!!
I tried CFLAGS="-DLOOP_PASSWORD_MIN_LENGTH=8"
without any success. This causes 'mount' to accept
the password, but, somehow, the decryption failled
because the fs type remained unrecognized!
BTW, I am using gentoo and I also tried USE=old-crypt.
No way!
I needed to install the version 2.12i to recover
my information.
Is this related with util-linux or has something
to do with gentoo patches or something?
This should not happen! Changing things like this
must keep some kind of compatibility with old ones.
How do I encrypt important data for the future?
Thank you for any comments.
On Mon, Oct 03, 2005 at 05:04:14PM +0100, Paulo da Silva wrote:
> If this is not the right place to post about
> util-linux, please tell me where to post.
> I'm posting here because util-linux is at kernel.org.
>...
If you have problems with some software shipped with a distribution the
best choice is usually the support / bug tracking system of your
distribution.
In your case, the problem seems to be already reported as Gentoo
bug #107680 [1].
> BTW, I am using gentoo and I also tried USE=old-crypt.
> No way!
>
> I needed to install the version 2.12i to recover
> my information.
>
> Is this related with util-linux or has something
> to do with gentoo patches or something?
>...
You are using features not present in the upstream util-linux but added
by patches Gentoo applies.
> Thank you for any comments.
cu
Adrian
[1] http://bugs.gentoo.org/107680
--
"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed
Adrian Bunk wrote:
>On Mon, Oct 03, 2005 at 05:04:14PM +0100, Paulo da Silva wrote:
>
>
>
>>If this is not the right place to post about
>>util-linux, please tell me where to post.
>>I'm posting here because util-linux is at kernel.org.
>>...
>>
>>
>
>If you have problems with some software shipped with a distribution the
>best choice is usually the support / bug tracking system of your
>distribution.
>
>In your case, the problem seems to be already reported as Gentoo
>bug #107680 [1].
>
>
>
>>BTW, I am using gentoo and I also tried USE=old-crypt.
>>No way!
>>
>>I needed to install the version 2.12i to recover
>>my information.
>>
>>Is this related with util-linux or has something
>>to do with gentoo patches or something?
>>...
>>
>>
>
>You are using features not present in the upstream util-linux but added
>by patches Gentoo applies.
>
>
>
*I am very sorry*.
At first I did not think this could be a problem of gentoo.
It just came up to my mind when I was writing this post.
That's why I added the lines refering 'gentoo'!
I should have looked at gentoo first ...
I'll be more carefull next time, if there is a next time :-(
Thank you anyway for your answer.
Paulo
Paulo da Silva wrote:
> I had a loop filesystem encrypted with twofish
> algorithm.
>
> Today, trying to mount the file, 'mount' claimed
> I needed to enter a password of 20 chars or more!
> Since I used less chars to encrypt, I was not able
> to recover the information!!!
> I tried CFLAGS="-DLOOP_PASSWORD_MIN_LENGTH=8"
> without any success. This causes 'mount' to accept
> the password, but, somehow, the decryption failled
> because the fs type remained unrecognized!
>
> BTW, I am using gentoo and I also tried USE=old-crypt.
> No way!
>
> I needed to install the version 2.12i to recover
> my information.
>
> Is this related with util-linux or has something
> to do with gentoo patches or something?
Seems like gentoo has merged loop-AES' util-linux patch which has always
used better defaults.
Mainline util-linux compatible mount options for /etc/fstab
encryption=twofish256,phash=unhashed2
Mainline util-linux compatible losetup command options
losetup -e twofish256 -H unhashed2 ......
kerneli.org compatible mount options for /etc/fstab
encryption=twofish256,phash=rmd160
kerneli.org compatible losetup command options
losetup -e twofish256 -H rmd160 ......
mount and losetup programs don't enforce 20 character minimum passphrase
length when using 'rmd160' or 'unhashed2' hash functions.
Both mainline util-linux and kerneli.org compatible setups are broken
securitywise. If there still are file systems using such broken setups, now
is good time to re-encrypt them using stronger crypto.
--
Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD