Gmane -- Mail To News And Back Again

Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog

From: Sam's Lists <samslists-Re5JQEeQqe8AvxtiuMwx3w <at> public.gmane.org>
Subject: Re: Check kernel for support for the aes-cbc-essiv:sha256 cipher spec....
Newsgroups: gmane.linux.kernel.device-mapper.dm-crypt
Date: Tuesday 13th March 2007 22:12:31 UTC (over 10 years ago)

Okay, playing some hunches I fixed this with "modprobe dm-mod".  I.e. the
device-mapper module was not loaded in the kernel.

No one should have to go through what I just did.  :)

Can I recommend that the following error message be changed:

Check kernel for support for the aes-cbc-essiv:sha256 cipher spec and
verify
that /dev/loop0 contains at least 258 sectors.

To something like:

Check kernel for the device mapper (modprobe dm-mod) and that the kernel
has
support for the aes-cbc-essiv:sha256 cipher spec and verify that /dev/loop0
contains at least 258 sectors.

Or something similar...


On 3/13/07, Sam's Lists 
wrote:
>
> Hi...
>
> I'm migrating away from my laptop to a desktop.  On my laptop I had
> kubuntu 6.10.  But it was slowly upgraded from previous versions.
>
> On my desktop I have a fresh install of Kubuntu 6.10.
>
> I copied over the file /encrypteddata
>
> I also do the following three steps (in a shell script usually) to mount
> my data:
>
> losetup /dev/loop0 /encrypteddata
> cryptsetup luksOpen /dev/loop0 data
> mount /dev/mapper/data /mnt/data
>
> Step 1, the losetup works okay.
>
> But step 2 gives me the error:
> Failed to setup dm-crypt key mapping.
> Check kernel for support for the aes-cbc-essiv:sha256 cipher spec and
> verify that /dev/loop0 contains at least 258 sectors.
> Failed to read from key storage
> Command failed.
>
> This happens after I input my password.
>
> Here's the output of cryptsetup luksDump /dev/loop0  (I've gone ahead and
> snipped some of it.  Let me know if you really need it all.  Can't really
> see why I should share my salt unless it's useful.  :)
>
> LUKS header information for /dev/loop0
>
> Version:        1
> Cipher name:    aes
> Cipher mode:    cbc-essiv:sha256
> Hash spec:      sha1
> Payload offset: 2056
> MK bits:        256
> [snipped]
>
> Key Slot 0: ENABLED
>         Iterations:             *****
>         Salt:                  *****
>         Key material offset:    8
>         AF stripes:             4000
> Key Slot 1: DISABLED
> Key Slot 2: DISABLED
> Key Slot 3: DISABLED
> Key Slot 4: DISABLED
> Key Slot 5: DISABLED
> Key Slot 6: DISABLED
> Key Slot 7: DISABLED
>
> Here's the output of cat /proc/crypto
> name         : md5
> driver       : md5-generic
> module       : kernel
> priority     : 0
> type         : digest
> blocksize    : 64
> digestsize   : 16
>
> name         : aes
> driver       : aes-generic
> module       : aes
> priority     : 100
> type         : cipher
> blocksize    : 16
> min keysize  : 16
> max keysize  : 32
>
> name         : sha256
> driver       : sha256-generic
> module       : sha256
> priority     : 0
> type         : digest
> blocksize    : 64
> digestsize   : 32
>
> Does this mean I have aes-cbc-essiv:sha256 support?  If not, how do I
> enable it?
>
> I was careful to enter my password correctly, and I tried it several
> times.
>
>
> Please help...
>
> Thanks
>

CD: 3ms