[Bug 367577] Re: mount.crypt needs to pass -s to cryptsetup
jcfp
linux at jp.pp.ru
Sat May 23 15:29:27 UTC 2009
For ages had the following in pam_mount.conf (old non-luks):
volume me crypt - /dev/sdb1 /mnt/massa_crypto-2 cipher=blowfish-cbc-essiv:sha256,keysize=448 - -
Until that didn't work anymore after upgrading to jaunty (crashes reoprted in syslog, similar to #353935), even when trying manually and adding ripemd160 for the hash that apparently nowadays defaults to "plain" otherwise:
# /sbin/mount.crypt -v -o cipher=blowfish-cbc-essiv:sha256,hash=ripemd160,keysize=448 /dev/sdb1 /mnt/massa_crypto-2
mount.crypt(mtcrypt.c:149): keysize mount option ignored
command: [readlink] [-fn] [/dev/sdb1]
command: [readlink] [-fn] [/mnt/massa_crypto-2]
Password:
mount.crypt(loop.c:319): Using _dev_sdb1 as dmdevice name
command: [cryptsetup] [-c] [blowfish-cbc-essiv:sha256] [--key-file=-] [-h] [ripemd160] [create] [_dev_sdb1] [/dev/sdb1]
command: [mount] [-n] [/dev/mapper/_dev_sdb1] [/mnt/massa_crypto-2]
mount: you must specify the filesystem type
mount failed with exit status 32
With your patch added, the result is this:
# /sbin/mount.crypt -v -o cipher=blowfish-cbc-essiv:sha256,hash=ripemd160,keysize=448 /dev/sdb1 /mnt/massa_crypto-2
mount.crypt(mtcrypt.c:149): keysize mount option ignored
command: [readlink] [-fn] [/dev/sdb1]
command: [readlink] [-fn] [/mnt/massa_crypto-2]
Password:
mount.crypt(loop.c:325): Using _dev_sdb1 as dmdevice name
command: [cryptsetup] [-c] [blowfish-cbc-essiv:sha256] [--key-file=-] [-h] [ripemd160] [-s] [104] [create] [_dev_sdb1] [/dev/sdb1]
command: [mount] [-n] [/dev/mapper/_dev_sdb1] [/mnt/massa_crypto-2]
mount: you must specify the filesystem type
mount failed with exit status 32
Althought the key here seems to be "mount.crypt(mtcrypt.c:149): keysize mount option ignored", which might well have nothing to do with your patch, I can't see where it's getting this value "104" from. Doing cryptsetup and mount manually as follows:
# cryptsetup -c blowfish-cbc-essiv:sha256 --key-file=- -h ripemd160 -s 448 create _dev_sdb1 /dev/sdb1
# mount /dev/mapper/_dev_sdb1 /mnt/massa_crypto-2
...turned out to work flawlessly, like my other encrypted partitions
using "cipher=twofish-cbc-essiv:sha256,keysize=256" (with luks) had been
doing all along.
--
mount.crypt needs to pass -s to cryptsetup
https://bugs.launchpad.net/bugs/367577
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list