On Thu, 2002-12-26 at 04:26, Jack O'Quin wrote: > > I managed to install cryptoapi-core-source from testing and build > a 2.4.19 kernel with those modules (plus ALSA). > > But losetup still fails: > > sudo losetup -e blowfish /dev/loop0 ~/.crypto > Available keysizes (bits): 128 160 192 256 > Keysize: 256 > Password :xxxxxxxxxxxxx > > Password :xxxxxxxxxxxxx > > The cipher does not exist, or a cipher module needs to be loaded into the kernel > ioctl: LOOP_SET_STATUS: Invalid argument > > I tried installing cryptoloop-source from testing. But it only > contains the following patches: > > /usr/src/kernel-patches/all/loop-jari/loop-jari-2.2.20.gz > /usr/src/kernel-patches/all/loop-jari/loop-jari-2.4.18.gz > /usr/src/kernel-patches/all/loop-jari/loop-jari-2.4.16.gz > > Is this package still needed? The /usr/share/doc files seem to > indicate that it is. So, how do I build a patch for 2.4.19? > > What am I missing, here?
Hi Jack, to use filesystem encryption via the loopback-device, you need the cryptoapi and the patch for the loopback device (eg. loop-jari). You get 'ioctl: LOOP_SET_STATUS: Invalid argument' because the loop device loaded in the kernel is not patched, build the loop device as module, the 'right' one is called 'cryptoloop'. The relevant modules from my lsmod output: cipher-aes 21172 2 cryptoloop 1708 2 loop 10032 4 [cryptoloop] cryptoapi 3660 5 [cipher-aes cryptoloop] You might want to try the 'magic installer' from http://www.kerneli.org/ I haven't tried it, but it looks promising. This is also the site, where you can find further information. If you want to patch it by yourself, the accordant patches are called: 'patch-int-2.4.xx' 'loop-jari-2.4.xx.patch' These can be retrieved from http://www.kernel.org/pub/linux/kernel/people/hvr/testing/ You might also want to look at pam_mount at: http://freshmeat.net/releases/102327/ To mount the container-file transparently at login. I had to recompile util-linux, because the debian 'mount' binary won't mount loopback devices with encryption without prior initialisation via losetup. I haven't tried to patch the kernel-sources distributed with debian, but a plain kernel from http://www.kernel.org > -- > Jack O'Quin > Austin, Texas, USA > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- "boredom is not a burden anyone should bear" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
