[Mageia-dev] unable to mount encrypted partitions created with drakdisk
David W. Hodgins
davidwhodgins at gmail.com
Thu Mar 29 04:22:42 CEST 2012
On Wed, 28 Mar 2012 19:00:04 -0400, simple w8 <simplew8 at gmail.com> wrote:
> Something is not right, Free-OTFE says is does support xts but its not
> being able to mount the partitions encrypted in Mageia, what can be
> the cause?
We're using --cipher aes-xts-benbi --key-size 512.
As per http://www.ody.ca/~dwhodgins/Luks-Howto.html#Changelog
this was suggested to me several years ago, and is what I've been
using since then.
> You may see the FreeOTFE supported cypher modes here:
> http://www.freeotfe.org/docs/Main/Linux_volumes.htm
I wasn't aware luks encrypted volumes could be opened by anything
else, or I would have considered that when suggesting the cipher
change.
I don't think using the benbi initial vector generation algorithm (64 bit)
instead of the plain (32 bit) algorithm makes much of a difference,
in terms of security. It was just the cbc mode that I was concerned
with.
Can you modify /usr/lib/libDrakX/fs/dmcrypt.pm to use aes-xts-plain
(line 68), create an encrypted volume, and test it with freeotfe?
If that works, open a bug report and request the change.
Regards, Dave Hodgins
More information about the Mageia-dev
mailing list