[pkg-cryptsetup-devel] plain problems
Guilhem Moulin
guilhem at debian.org
Fri May 3 14:02:18 BST 2024
On Fri, 03 May 2024 at 14:40:54 +0200, Guilhem Moulin wrote:
>> appears to work,
Replied too fast. With plain mode cryptsetup has no way to know if
unlocking was successful or not (whether it's because the passphrase is
incorrect or because the cipher/hash differs from what's been supplied
when creating the volume). So as long has the options are supported the
command will always succeed. See also the “PLAIN DM-CRYPT OR LUKS?”
section of the crypttsetup(8) manual.
(Upstream's) 2.7.x introduces a backward incompatible change for plain
mode when relying on the defaults. The former defaults were `--cipher
aes-cbc-essiv:sha256 --hash ripemd160`, and if you relied on any of that
you'll need to pass them explicitly. This is documented in the NEWS
file.
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20240503/d8b6c866/attachment.sig>
More information about the pkg-cryptsetup-devel
mailing list