[Pkg-cryptsetup-devel] Re: Some thoughs and opinions about PartmanCrypto's future

[Max Vozeler]

Hi Yehoshua,

On Sun, Mar 12, 2006 at 04:34:37AM +0200, Yehoshua (Shay) O'Hayon Suchar wrote:
> hey folks, I've working on partmancrypto today and I'd like to publish
> here things I've thought about, so I can get opinions and see how I
> advance from here.
> 
> I'm planning to work on dm-crypt and LUKS support on partman, which it
> lacks of in the actual work and which is the encryption method in
> Linux that I'm more familiar with.

As we talked about on IRC, your work on this is very welcome.
Please coordinate with cryptsetup maintainers on this. You can
reach them at pkg-cryptsetup-devel at lists.alioth.debian.org - 
I'm CCing this message to the list so they know :-)

> Debian support nowdays dm-crypt (the cryptsetup package) is quite
> fine, it also has a very good documentation on how encrypt the root
> filesystem, but there has been no work on cryptsetup-luks 

I think this has actually changed recently. From what I
understood from Jonas description (IIRC), cryptsetup in unstable
now has support for LUKS.

>  1. init.d/crypto_modules: IIRC, we need dm-mod and dm-crypt
>  modules, both can be compiled in the kernel (CONFIG_BLK_DEV_DM
>  and CONFIG_DM_CRYPT), should we use a kernel that has those
>  modules or compile them into the kernel? (who manages the
>  kernel in the d-i and should be noticed about the modules we
>  need to add for the installation?)

If it's not required that they are built into the kernel, I
think it's better and much easier to use them as modules. That
way we get more granularity and don't bloat for example the
space-sensitive floppy images with larger kernels.

Have you checked if the required modules are maybe already
included in one of the kernel module udebs? If they are not, 
it would be good to compile a list of all required modules
(including ciphers) and file a wishlist bug against the udeb
kernel packages - or send it to debian-boot.

> 2. choose_method/crypto: IMHO we should try to decide on a standard
> for this, but yet giving the user the option to choose. I think that
> cryptsetup-luks is a good option for this because one of its main
> goals is standardization (and really, not because I'm working on
> implementing it :-). I'm *really* interested on reading your opinion
> about this point, specially Max's opinion.

Yes, I have been thinking about use-cases for partman-crypto 
and for some of them it would be good to offer an option that is
just named "Encryption" - without bothering the user about
different implementations. There is also the question of which
to use by default once there will be partman-auto-crypto.

But actually I don't think this is important to decide just yet
and IMO either LUKS or loop-AES would be fine choices. LUKS may
actually be preferred because the setup is clearer and more
modern, as well as requiring less hacks. I would not like to use
plain dm-crypt by default because of the sector-IV it uses. In
the end, I think once we get closer to release, we can just look
which gives the best user-experience and decide then.

> I think that that's it for now, I'm going to be offline on the next
> two weeks, but I'll try to work on this offline. I'll write about
> updates when I'll come back online.

Great, looking forward to it :-)

cheers,
Max