Bug#387159: [Pkg-cryptsetup-devel] Bug#387159: cryptsetup: compulsory hashing in luks format

David Härdeman david at hardeman.nu
Fri Nov 10 23:46:42 CET 2006

tags 387159 +wontfix

On Tue, Sep 12, 2006 at 05:27:57PM +0100, Dennis Furey wrote:
>My key is manually generated in binary by a random physical process
>and memorized as a hexadecimal number, so I have nothing to gain but
>maybe something to lose by hashing it. I have patched cryptsetup to
>pay attention to the plain hash option when using LUKS format, and to
>refrain from hashing the password in that case, provided that the
>password is given as a hexadecimal number of the right length.
>I appreciate that using passwords that are secure but difficult to
>remember could cause trouble for some people. Other than that, there
>should be no breakage for anyone because there was previously no
>reason to use the plain hash option for LUKS format. Backward
>compatibility can be retained by continuing not to use it. I hope you
>like my patch. Feel free to send it upstream.

I've already discussed this feature with upstream some time ago for 
similar purposes and he was not willing to accept such a change. I don't 
think we should carry such a patch when upstream does not agree.

You still have the option of using regular dm-crypt without hashing 

If you'd still like to see this change applied, I suggest you discuss 
it directly with the upstream author - Clemens Fruhwirth 
(<clemens at endorphin.org>, http://clemens.endorphin.org/)

David Härdeman

More information about the Pkg-cryptsetup-devel mailing list