Bug#350922: [Pkg-cryptsetup-devel] Bug#350922: not existant

Jonas Meurer jonas at freesources.org
Fri Feb 3 11:59:55 UTC 2006


On 02/02/2006 gebi at sbox.tugraz.at wrote:
> >if you encrypt a luks parition with a key, postchecks can be useful. if
> >you use a password, it is just like you said, it fails if the password
> >is wrong. but if you use a key, it doesn't fail if the key is wrong,
> >does it? otherwise keys like /dev/(u)random would not work.
> 
> /dev/urandom does not work with luksOpen...
> only after a luksFormat, thats why i restricted my version of  
> cryptdisks to either swap _or_ luks, because luks is useless in this  
> usage scenario.

you're correct, postchecks for luks devices are simply useless. swap
encryption works only with plain cryptsetup.

but does luksOpen even write to the device if it fails because of wrong
key/password? if not, we don't even need a precheck for luks, do we?

> >yes, but generally prechecks are run against the _source_ device, and
> >postchecks are run against the _target_ device, which is created by
> >cryptsetup.
> 
> Yes but where is the difference?
> both are devices and both should be checked if there is a filesystem.

you're correct again. the same script can be used for both precheck and
postcheck, given that the same check (filesystem check) should be run
against different (source and target) devices.

> luksOpen does only succeed if there is the right key.
> Just as i said... we don't need checks with luks.
> Check if the partition exists (and even there we should be very carefully).

yes, but we don't need to check for the existance of the device just to
prevent cryptsetup from failing. the only reason why this check is
necessary, is when running cryptdisks twice, once before lvm/raid is
started, and once after.
and maybe for removable devices it is interesting too. best would be to
keep the non-existant devices secret. this way removable media which is
not connected is not mentioned in boot process, and thus attackers don't
know that it exists at all.

ideally i'dd like to provide a scenario, where the keys are stored on
a removable media (cd, dvd, usb-stick, whatever), and if the media is
not available, the encrypted devices are not mentioned at all.

> Check if it is a luks partition with isLuks, if yes luksOpen it.
> If the user gave as the wrong key, it's not our fault (thats another  
> bug for right error messages against cryptsetup).

ack.

> >i don't know if it's a good idea to check all source devices for x
> >filesystems before starting cryptsetup. imagine how many filesystems
> >exist, and ideally we would have to check for all of them.
> 
> How would you check if there is a filesystem on the partition? (if not  
> trying all known filesystems?).

that's a problem. it is only necessary for plain cryptsetup fs/swap, but
still it is necessary. maybe fsck -T is an option.

> >but first we want to check for a filesystem on the source device, and
> >fail if one exists.
> 
> Yes that requires a check against all known filesystems... and even  
> then it's possible that there is an unknown filesystem on the device.
> Trying to mount is also a no-option, because even a ro mount would  
> touch the filesystem (journaling).

mount is a bad idea. but in general we can only check for filesystems
that are supported by the host system (kernel, userspace tools, ...).
that's why i think that 'fsck -T' is the best option so far.
what do you think?

> but postchecking luks is useless, because with the false key luksOpen  
> does not succeed.
> Cryptdisks is for mapping the devices, not for spying onto the user if  
> he is able to format his crypto-volumes right (imho).
> It's _impossible_ to know what the user stores onto his cryptovolumes.

you're correct, but for plain cryptsetup the filesystem postcheck is
still usefull. and users have to configure the expected filesystem. i
don't know if configuring a default fs check (like currently ext2/3) is
sane.
but i like the option of checking for the expected filesystem, and
closing + reopening the dm-crypt device if that check fails. if for
example my /usr (ext3) is encrypted with plain cryptsetup, and i give
the wrong password at boot time, it can be very usefull when cryptdisks
recognizes that (through checking for the expected filesystem) and then
retries.

> the only dangerous things are the old cryptsetup volumes, and  
> _espacially_ the swap option in cryptdisks, because it actually  
> formats the partition.

yes, that's why we should precheck for plain cryptsetup fs/swap volumes.

> ok i'll write a small paper about that till tomorrow, because there is  
> too much information for email conversation.

great ;-)

...
 jonas



More information about the Pkg-cryptsetup-devel mailing list