Re: Squeeze RC1, amd64, XTS
Tags: patch A Quinta 02 Dezembro 2010 03:01:59 Ryan C. Underwood você escreveu: Is there a specific reason why XTS encryption is not enabled in the kernel on the amd64 RC1 squeeze netinst CD? Please Cc:, not subscribed. untested. -- Melhores cumprimentos/Best regards, Miguel Figueiredo http://www.DebianPT.org Index: packages/kernel/kernel-wedge/modules/crypto-modules === --- packages/kernel/kernel-wedge/modules/crypto-modules (revisão 65833) +++ packages/kernel/kernel-wedge/modules/crypto-modules (cópia de trabalho) @@ -4,3 +4,4 @@ serpent sha256_generic cbc ? +xts
Re: Squeeze RC1, amd64, XTS
Quoting Ryan C. Underwood (neme...@icequake.net): Is there a specific reason why XTS encryption is not enabled in the kernel on the amd64 RC1 squeeze netinst CD? Please Cc:, not subscribed. Better ask this to the kernel list, IMHO. Please note that unless a quick release happened last night, there is no such thing as an RC1. There's a beta1 of Debian Installer, this is all what I'm aware of. signature.asc Description: Digital signature
Re: Squeeze RC1, amd64, XTS
On Thu, Dec 02, 2010 at 06:50:13AM +0100, Christian PERRIER wrote: Is there a specific reason why XTS encryption is not enabled in the kernel on the amd64 RC1 squeeze netinst CD? Please Cc:, not subscribed. Better ask this to the kernel list, IMHO. Even though XTS is enabled in the usual amd64 kernel installed from squeeze via apt? I am using that kernel with no problems, it's just that I tried to boot off the netinst CD for rescue mode and was unable to access the encrypted LVM, very surprised. Please note that unless a quick release happened last night, there is no such thing as an RC1. There's a beta1 of Debian Installer, this is all what I'm aware of. Yes, I meant the beta1 netinst, i'm sorry. The file is dated from October so it seems fairly up to date. -- Ryan C. Underwood, neme...@icequake.net -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101202141219.gk4...@localhost.localdomain
Re: Squeeze RC1, amd64, XTS
Quoting Ryan C. Underwood (neme...@icequake.net): On Thu, Dec 02, 2010 at 06:50:13AM +0100, Christian PERRIER wrote: Is there a specific reason why XTS encryption is not enabled in the kernel on the amd64 RC1 squeeze netinst CD? Please Cc:, not subscribed. Better ask this to the kernel list, IMHO. Even though XTS is enabled in the usual amd64 kernel installed from squeeze via apt? I am using that kernel with no problems, it's just that I tried to boot off the netinst CD for rescue mode and was unable to access the encrypted LVM, very surprised. Ah OK, I was missing that information. Then it belongs to the installer in some way, but being ignorant as I am about FS encryption, I'll leave to others to followup, if someone wants to. signature.asc Description: Digital signature
Re: Squeeze RC1, amd64, XTS
On Thu, Dec 02, 2010 at 06:12:27PM +0100, Christian PERRIER wrote: Ah OK, I was missing that information. Then it belongs to the installer in some way, but being ignorant as I am about FS encryption, I'll leave to others to followup, if someone wants to. Please see #482092 [1]. The answer for not implementing XTS and LRW in partman is pretty lame: it misses the code to actually display key sizes that differ from one algorithm to another. Not hard to do, but no one did step up to do it. Adding the necessary modules in order to support rescueing partitions encrypted using XTS would be pretty trivial: kernel-wedge needs one or two lines added in one of its file. But it did not seem important to do so before adding support code in partman first. [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482092 Cheers, -- Jérémy Bobbio.''`. lu...@debian.org: :Ⓐ : # apt-get install anarchism `. `'` `- signature.asc Description: Digital signature
Re: Squeeze RC1, amd64, XTS
On Thu, Dec 02, 2010 at 11:22:15PM +0100, J?r?my Bobbio wrote: On Thu, Dec 02, 2010 at 06:12:27PM +0100, Christian PERRIER wrote: Ah OK, I was missing that information. Then it belongs to the installer in some way, but being ignorant as I am about FS encryption, I'll leave to others to followup, if someone wants to. Please see #482092 [1]. The answer for not implementing XTS and LRW in partman is pretty lame: it misses the code to actually display key sizes that differ from one algorithm to another. Not hard to do, but no one did step up to do it. Adding the necessary modules in order to support rescueing partitions encrypted using XTS would be pretty trivial: kernel-wedge needs one or two lines added in one of its file. But it did not seem important to do so before adding support code in partman first. [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482092 Interestingly, after I enter rescue mode from the netinst CD boot menu, I'm prompted for a password far before D-I starts and partman is ever seen. It is just like the standard cryptsetup via initrd. -- Ryan C. Underwood, neme...@icequake.net -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101203000532.gl4...@localhost.localdomain
Re: Squeeze RC1, amd64, XTS
Quoting Jérémy Bobbio (lu...@debian.org): Adding the necessary modules in order to support rescueing partitions encrypted using XTS would be pretty trivial: kernel-wedge needs one or two lines added in one of its file. But it did not seem important to do so before adding support code in partman first. Ryan did bring a valid use case with the rescue mode. So, as I understand now, we could at least enable these encryption modules in D-I kernel, through kernel-wedge, for users of the rescue mode to be able to use them in case they want to access such encrypted partitions. Am I right? signature.asc Description: Digital signature
Squeeze RC1, amd64, XTS
Is there a specific reason why XTS encryption is not enabled in the kernel on the amd64 RC1 squeeze netinst CD? Please Cc:, not subscribed. -- Ryan C. Underwood, neme...@icequake.net -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101202030159.gj4...@localhost.localdomain