From: bitlord <bitlord0xff@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] cryptsetup wont use aes-xts:plain64
Date: Mon, 20 Apr 2015 18:19:40 +0200 [thread overview]
Message-ID: <20150420181940.79a2f19f@gen2ws.local> (raw)
In-Reply-To: <a120b9c08f9b974c0e4f931e075a20e8@zbfmail.de>
On Sat, 18 Apr 2015 12:27:15 +0200
Marko Weber | 8000 <weber@zbfmail.de> wrote:
>
> hello list,
>
> i try to crypt a partition with cryptsetup.
> Yes, in Kernel i had all need things i think.
>
> CONFIG_CRYPTO=y
...
> # CONFIG_CRYPTO_HW is not set
>
>
> but when i try to use cryptsetup i get this:
>
> # cryptsetup -c aes-xts:plain64 -y -s 256 luksFormat
> /dev/mapper/VolGroup01-media2
>
> WARNING!
> ========
> This will overwrite data on /dev/mapper/VolGroup01-media2 irrevocably.
>
> Are you sure? (Type uppercase yes): YES
> Enter passphrase:
> Verify passphrase:
> device-mapper: reload ioctl on failed: Invalid argument
> Failed to setup dm-crypt key mapping for device
> /dev/mapper/VolGroup01-media2.
> Check that kernel supports aes-xts:plain64 cipher (check syslog for
> more info).
>
>
>
> Any ideas?
>
> i built cryptsetup with this useflags:
>
> nls openssl python udev urandom
>
>
>
> cryptsetup --help shows me i am able to use the options
>
> Default compiled-in device cipher parameters:
> loop-AES: aes, Key 256 bits
> plain: aes-cbc-essiv:sha256, Key: 256 bits, Password
> hashing: ripemd160
> LUKS1: aes-xts-plain64, Key: 256 bits, LUKS header hashing:
> sha1, RNG: /dev/random
>
>
> any help / ideas or knowledge welcome.
>
> best regards
>
> marko
>
>
>
>
>
I read the whole tread, but will reply here.
I use this mode on some devices, and for me works fine (gentoo
systems), I have it enabled in kernel, also I have cryptsetup with
sys-fs/cryptsetup-1.6.5 (gcrypt nls python_single_target_python2_7
python_targets_python2_7 python_targets_python3_3 udev)
You can probably ignore python*, 'gcrypt' is probably important USE
flag.
Also something which maybe unrelated to you but is important about
CONFIG_CRYPTO_XTS is
"XTS: IEEE1619/D16 narrow block cipher use with
aes-xts-plain, key size 256, 384 or 512 bits. This implementation
currently can't handle a sectorsize which is not a multiple of 16
bytes."
next prev parent reply other threads:[~2015-04-20 16:19 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-18 10:27 [gentoo-user] cryptsetup wont use aes-xts:plain64 Marko Weber | 8000
2015-04-18 11:48 ` Ralf
2015-04-18 12:07 ` Heiko Baums
2015-04-18 12:12 ` Ralf
2015-04-18 12:44 ` Heiko Baums
2015-04-18 13:45 ` Ralf
2015-04-18 12:33 ` Heiko Baums
2015-04-18 15:41 ` Heiko Baums
2015-04-20 13:40 ` Marko Weber | 8000
2015-04-19 1:35 ` Fernando Rodriguez
2015-04-19 1:47 ` Fernando Rodriguez
2015-04-20 13:43 ` Marko Weber | 8000
2015-04-20 17:43 ` Heiko Baums
2015-04-20 13:59 ` Marko Weber | 8000
2015-04-20 16:19 ` bitlord [this message]
-- strict thread matches above, loose matches on Subject: below --
2015-04-21 9:21 Marko Weber | 8000
2015-04-21 10:54 ` Heiko Baums
2015-04-22 4:09 ` R0b0t1
2015-04-22 7:46 ` Ralf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150420181940.79a2f19f@gen2ws.local \
--to=bitlord0xff@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox