I have had to install SuSe on a system that had an encrypted backup
drive. Much as I love Gentoo, I had to install SuSe on this system for
compatability reasons, which I wont go into here.
I had the loop device created using the gentoo 2.6 kernel and whatever
loop and crypto modules are in the default gentoo 2.6 kernel. I didn't
do any aditional compilation for loop-AES as far as I can remember (it
was a while ago that I set it up). I created the loop device with a
script that basically executed the command:
losetup -e aes-cbc-128 -p0 /dev/loop0 /dev/sdb1 < /etc/backup/aes.key
Where the aes.key file has a random alpanumeric string of 60 characters.
It then mounts the /dev/loop0 device to the mount point with:
mount -t ext2 /dev/loop0 /mnt/backup
I backed up the script and key before reinstalling the system and put
them back on the new system, but when I run the script it creates the
/dev/loop0 with the same options sucessfully but fails to mount as it
recons the ext2 fs isn't there or is corrupt. It is behaving as if the
key is wrong but it is not.
The /dev/sdb1 device is a USB external disk. I have several of these
devices with encrypted info on them, fortunatly, none of which is
critical. One of the drives does have some stuff which I would like to
recover to save having to set up again. As an experement I tried running
mke2fs /dev/loop0 on one of the non important drives and it
reinitialises the ext2 partition, which then sets up and mounts fine.
My main query is what would be difference between the way the gentoo 2.6
kernel and the SuSe 2.6 kernel handle the Crypto loop devices. I tried
both the Cryptoloop that is in the standard SuSe kernel and I also
compiled a custom Kernel without the loop device and compiled the
loop-aes loop device that I downloaded from sourceforge. Both gave the
same results of a sucessful execution of the losetup command but with an
unreadable ext2 FS. I have checked the key is correct and it is, but the
results are as if it was wrong. The only thing I can think of is that
there is some difference between the two systems in the way the keys are
handled, or there is some sort of seeding that I am unaware of.
Any help or suggestions would be greatfully acepted.
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
[Home]
[Kernel]
[Linux Crypto]
[Gnu Crypto]
[Gnu Classpath]
[Netfilter]
[Bugtraq]
[Network Security Reading]
