1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] unable to mount encrypted partitions created with drakdisk
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20unable%20to%20mount%20encrypted%20partitions%20created%20with%0A%09drakdisk&In-Reply-To=%3CCAKVccoVMLtVPyh%2BNmts-shk%2BWyf0YLgh6CPUbrTE_rYDqGMouQ%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="013286.html">
<LINK REL="Next" HREF="013349.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] unable to mount encrypted partitions created with drakdisk</H1>
<B>simple w8</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20unable%20to%20mount%20encrypted%20partitions%20created%20with%0A%09drakdisk&In-Reply-To=%3CCAKVccoVMLtVPyh%2BNmts-shk%2BWyf0YLgh6CPUbrTE_rYDqGMouQ%40mail.gmail.com%3E"
TITLE="[Mageia-dev] unable to mount encrypted partitions created with drakdisk">simplew8 at gmail.com
</A><BR>
<I>Wed Mar 21 08:41:00 CET 2012</I>
<P><UL>
<LI>Previous message: <A HREF="013286.html">[Mageia-dev] unable to mount encrypted partitions created with drakdisk
</A></li>
<LI>Next message: <A HREF="013349.html">[Mageia-dev] unable to mount encrypted partitions created with drakdisk
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#13288">[ date ]</a>
<a href="thread.html#13288">[ thread ]</a>
<a href="subject.html#13288">[ subject ]</a>
<a href="author.html#13288">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>2012/3/21 David W. Hodgins <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">davidwhodgins at gmail.com</A>>:
><i> On Tue, 20 Mar 2012 20:57:47 -0400, simple w8 <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">simplew8 at gmail.com</A>> wrote:
</I>><i>
</I>>><i> Hi,
</I>>><i>
</I>>><i> I use sometimes to boo Windows, and if i need some file i use to mount
</I>>><i> my /home encrypted partition using FreeOTFE (or TrueCrypt) to access
</I>>><i> the files i need, but i saw today that the /home partition that was
</I>>><i> created in mageia is not possible to mount with FreeOTFE or TrueCrypt.
</I>>><i>
</I>>><i> But the /home partition created with mandriva drakdisk can be mounted
</I>>><i> with those 2 applications, so seams that Mageia drakdisk isnt doing
</I>>><i> something right.
</I>><i>
</I>><i>
</I>><i> That's likely a result of
</I>><i> <A HREF="https://bugs.mageia.org/show_bug.cgi?id=3092">https://bugs.mageia.org/show_bug.cgi?id=3092</A>
</I>><i>
</I>><i> With the default settings, cryptsetup uses cbc mode encryption,
</I>><i> which makes it much more likely that it can be cracked.
</I>><i>
</I>><i> See <A HREF="http://clemens.endorphin.org/nmihde/nmihde-A4-os.pdf">http://clemens.endorphin.org/nmihde/nmihde-A4-os.pdf</A>
</I>><i> for an explanation of how this is done.
</I>><i>
</I>><i> In Mageia's diskdrake, the setting is overridden to use xts mode,
</I>><i> instead of cbc mode.
</I>><i>
</I>><i> If you prefer to use the less secure method, in order
</I>><i> to keep it compatible with the windows applications, you'll
</I>><i> have to re-encrypt it manually with
</I>><i> cryptsetup luksFormat /dev/sd??.
</I>><i>
</I>><i> Don't forget to backup the data first, as this will erase that
</I>><i> device.
</I>><i>
</I>><i> Regards, Dave Hodgins
</I>
Thanks for the clarification, and was a very good improvement :)
But i think it would be better to have in diskdrake some option
allowing the user to choose the cypher, since the default cypher used
in cryptsetup and in other apps that support luks, is cbc, and this
way diskdrake is putting it incompatible with remaning apps that
support luks.
This way the user could be informed about whats happening and also
would have a choice, that would be great and would in fact increase
diskdrake popularity.
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="013286.html">[Mageia-dev] unable to mount encrypted partitions created with drakdisk
</A></li>
<LI>Next message: <A HREF="013349.html">[Mageia-dev] unable to mount encrypted partitions created with drakdisk
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#13288">[ date ]</a>
<a href="thread.html#13288">[ thread ]</a>
<a href="subject.html#13288">[ subject ]</a>
<a href="author.html#13288">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|
