On Sun, 24 Aug 2003 00:24:26 +0200, Richard Zidlicky wrote:
> On Sat, Aug 23, 2003 at 08:55:28PM +0200, Thierry Godefroy wrote:
>
> > I got no compatibility problem with the crypto API but for when
> > they changed from 2.2 to 2.4 kernel (the data had to be transfered
> > to a new encrypted volume, but that's all).
>
> it will change again for 2.6, probably a few times yet.
>
> > Also, the crypto API is to become the standard, so I'd recommend
> > starting to get used to it right now instead of using a third party
> > software which seems pretty much incompatible with the crypto API
> > (as far as I could see by reading the loop-AES documentation).
>
> the standard is just emerging, it had 2 versions with incompatible
> disk formats last 2 weeks and mount options are still subject of
> discussion.. not a good time to get used to it.
Well, v2.4 kernels are not concerned by these changes, and v2.6
doesn't even exist officially yet (it's still in 'test' stage)...
> So far it seems loop-AES can encrypt or decrypt all formats except
> perhaps some of those with broken IV keys.
It lacks quite a lot of algorithms from what I saw... loop-AES can
do AES, Serpent, Twofish and Blowfish, while the crypto-API knows
about: 3DES, AES, Blowfish, CAST5, IDEA, Mars, RC5, RC6, Serpent and
Twofish for the ciphers, plus: MD5, RIPEMD160, SHA1, SHA256, SHA384,
SHA512 for the digests. And I don't even cite the "deprecated" (unsafe)
ciphers and digests...
> > > that looks very strange. Perhaps I can make some sense out of
> > > it when I see the patch.
> >
> > Alas, there's some weirdness in the rc.sysinit script of ShoeString:
> > it looks like a line in fstab such as:
> >
> > /mnt/cdrom /mnt/cdrom supermount fs=iso9660,dev=/dev/cdrom 0 0
>
> no idea. What would "mount -a" do if that line is in /etc/fstab?
It works just fine in that case (it's how I tested it before rebooting
the first time)... As I told you, this has nothing to do with supermount
itself, as the same behaviour appears on supermount-less kernels...
> Mine simply complains no such fs and that's it but I have newer
> version of the script.
That might explain things... Also, there are quite a few "quirks" in
ShoeString installation, one of them being that you end up with two
different directories holding the init.d scripts (with either different
scripts or two versions of the same...): /etc/init.d (which should be
a symlink instead), and /etc/rc.d/init.d. I moved all the scripts in
/etc/rc.d/init.d and made /etc/init.d a symlink, so I may have ended
up with a deprecated script... But rc.sysinit is in /etc/rc.d and
should not be affected.
For info (it may be of some use to all the users of ShoeString),
there's also a missing symling to /usr/bin/cpp in /lib (ln -s
/usr/bin/cpp /lib/cpp) which prevents .Xdefault of being parsed
at 'startx' time. There are also missing links to the kernel
headers directories in /usr/include ('linux' and 'asm'), preventing
to compile any software (but those symlinks are automatically setup
by my kernel-headers package).
Thierry ([EMAIL PROTECTED]).
