Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 15 Jun 2006 14:27:56 +0400
From: Solar Designer <solar@...nwall.com>
To: owl-users@...ts.openwall.com
Subject: Re: Owl: crypto

On Tue, Jun 13, 2006 at 04:00:08PM +0400, Maxim Timofeyev wrote:
> For some reason it is impossible to create crypto fs...
> 
> # for i in aes anubis arc4 blowfish cast5 cast6 crypto_null deflate des khazad
> md4 md5 michael_mic serpent sha1 sha256 sha512 tcrypt tea twofish wp512; do
> modprobe $i; done
> 
> # echo 123 | losetup -e sha1 -k 128 -p 0 /dev/loop0 /dev/md4
> ioctl: LOOP_SET_STATUS: Invalid argument, requested cipher or key length (128
> bits) not supported by kernel

You're doing something weird.  SHA-1 is a message digest (hashing)
algorithm, you can't use it as the cipher for encrypting a filesystem.

Also, most of the time you should not be specifying an explicit key size
(the -k option).  Once you choose a cipher, there are only a few or even
a single valid key size for that cipher.  If you try to specify another
(invalid) key size, you will get an error message such as the above.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.