Search Members Help

» Welcome Guest
[ Log In :: Register ]

Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic
 

[ Track this topic :: Email this topic :: Print this topic ]

 reply to topic new topic new poll
Topic: Loop-AES not working in 3.2 or 3.3< Next Oldest | Next Newest >
madmarvcr Offline





Group: Members
Posts: 4
Joined: Nov. 2006
Posted: Feb. 21 2007,23:15 QUOTE
The following works in 3.1

but I can not mount my old loop-AES container or even create a new loop-AES in 3.2 or 3.3


here are steps I take

entry in to /etc/fstab

/mnt/hdb/data/volume.dat /mnt/hdb/vdat ext2 defaults,noauto,loop=/dev/loop1,encryption=aes256 0 0

in shell run following commands
Code Sample

dd if=/dev/urandom of=/mnt/hdb/data/volume.dat bs=1M count=10
losetup -F /dev/loop1
password:
mkfs.ext2 /dev/loop1
losetup -d /dev/loop1

mount /mnt/hdb/vdat
password:



This works in 3.1, but not in 3.2 or 3.3

The mount command fails
Back to top
Profile PM 
^thehatsrule^ Offline





Group: Members
Posts: 3275
Joined: July 2006
Posted: Feb. 22 2007,01:38 QUOTE
afaik the mount binary was updated, but maybe the encryption thing was not compiled in?

What errors do you get now?
Back to top
Profile PM 
fredvej Offline





Group: Members
Posts: 12
Joined: June 2006
Posted: Feb. 22 2007,15:20 QUOTE
In DSL 3.2 this works :

dd if=/dev/urandom of=FILETOUSE
sudo losetup -e aes256 /dev/loop0 FILETOUSE
sudo mkfs -t ext2 /dev/loop0
sudo mount /dev/loop0 MOUNTPOINT -v -t ext2

Mounting encrypted filesystems in files using loopdevice works, but I do things differently than you.

Could it be a timing problem ?  If what you do is run in a script, you are mounting and unmounting the loop device in quick succession.

--------------
/Freddy
Back to top
Profile PM YIM 
WDef Offline





Group: Members
Posts: 798
Joined: Sep. 2005
Posted: Feb. 22 2007,17:02 QUOTE
It looks like mount has been replaced with an unpatched mount from utils-linux.  The patch comes from the loop-aes sources v1.x, or the binary from the debian mount-aes-utils package.  Without the patch mount can't use the shorthand /etc/fstab line to call losetup for you.

BUT you shouldn't be using loop-aes v1.x anyway (I've posted this several times before)!

It's very insecure, its author says so.  He also says not to use it!  Use loop-aes v3.x in dsl-n.

To move your data:

Back up your plaintext in case somthing goes wrong. Create a new (other)  encrypted partition using loop-aes v3.x in dsl-n, mount your loop-aes v1 partitions in loop-aes v.3.x, and copy your data fron the old encrypted mounted partition to the new.  Then umount your old encrypted partition  and *shred* the old device, many times for good measure.

Don't try to mount loop-aes v3.x encrypted partitions in loop-aes v1.x - it's not backward-compatible - you will probably bork them and lose your plaintext data.

Don't ever use single key loop-aes.  Only use gpg-encrypted multikey  - see the loop-aes readme.

I have a working loop-aes v3.x extension for dsl which I'll post soon (testing), and it includes the patched mount binary.  I didn't know there was any demand.
Back to top
Profile PM 
3 replies since Feb. 21 2007,23:15 < Next Oldest | Next Newest >

[ Track this topic :: Email this topic :: Print this topic ]

  		reply to topic new topic new poll
Quick Reply: Loop-AES not working in 3.2 or 3.3

Do you wish to enable your signature for this post?
Do you wish to enable emoticons for this post?
Track this topic
View All Emoticons
View iB Code