Bug#919725: [pkg-cryptsetup-devel] Bug#919725: cryptsetup: switch to LUKS2 by default for new installs

2019-01-18 Thread Christoph Anton Mitterer 
On Fri, 2019-01-18 at 15:01 -0800, Matt Taggart wrote:
> Is it ready to become the default for new installs yet?

Being not much more than just a user of it and regularly following the
upstream mailing list… I'd rather suggest to be conservative in that
matter.

AEAD is still marked as experimental by upstream and while there are
other reasons to use LUKS2 (which could be quite stable already) it's
crypto what were talking about:
security is the upmost goal (which is also why most other writers and
myself seemed rather concerned about Debian's intention to default to
TRIM enabled in dm-crypt). 

A good thing, which makes it IMO also less pressing to switch to LUKS2
is, that LUKS1 can be in-place-converted to LUKS2 in most cases.
So users can most of the time switch later, without having to rewrite
everything.


Cheers,
Chris.


smime.p7s
Description: S/MIME cryptographic signature

Bug#919725: [pkg-cryptsetup-devel] Bug#919725: cryptsetup: switch to LUKS2 by default for new installs

2019-01-18 Thread Guilhem Moulin 
Hi Matt,

On Fri, 18 Jan 2019 at 15:01:59 -0800, Matt Taggart wrote:
> There was some discussion on the debian-boot list during the
> libcryptsetup transition about the format
> 
> https://lists.debian.org/debian-boot/2017/12/msg00231.html
> 
> including a comment,
> 
> "feel free to poke us again for partman-crypto when the new format
> looks mature enough so that we see about adding support for it."

Please see 
https://salsa.debian.org/installer-team/partman-crypto/merge_requests/1
and this thread https://www.saout.de/pipermail/dm-crypt/2018-July/005925.html .

We'd much prefer if the d-i default LUKS format was identical to the
cryptsetup(8) binary here, and we'd rather avoid a Debian-specific patch
to change the LUKS format version in the binary.  At least not without
upstream's blessing; the above thread indicates a few subtle — now fixed —
issues with libblkid for instance, so we should really be careful here).

Upstream is aware of the upcoming freeze, and AFAIK the plan is still to
release 2.1, defaulting to LUKS2, in time for Buster.  I actually
planned to bump the thread shortly before FOSDEM :-)  (Should we miss
the deadline, we'll consider a Debian-specific patch in src:cryptsetup
and ask for upstream's opinion.) 

Cheers,
-- 
Guilhem.


signature.asc
Description: PGP signature