Your message dated Sat, 04 Jul 2009 15:32:40 +0000
with message-id <[email protected]>
and subject line Bug#494584: fixed in cryptsetup 2:1.0.7~rc1-1
has caused the Debian Bug report #494584,
regarding [cryptsetup] luksFormat does not know --cipher aes-xts-plain
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
494584: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494584
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: cryptsetup
Version: 2:1.0.6-6
Severity: normal
--- Please enter the report below this line. ---
the command:
cryptsetup --verbose --cipher aes-xts-plain --verify-passphrase luksFormat
/dev/hda2
fails with the following error message:
Command failed: Failed to setup dm-crypt key mapping.
Check kernel for support for the aes-xts-plain cipher spec and verify that
/dev/hda2 contains at least 133 sectors
However, running the command:
cryptsetup create --verbose --cipher aes-xts-plain --verify-passphrase crypt0
/dev/hda2
works without any errors.
It seems, while cryptsetup does know about the aes-xts-plain cipher method, the
luks extension does not. It would be desirable
to have luks know about XTS, as well, as it is regared to be more secure than
CBC or LRW.
Regards,
C. Dominik Bodi
--- System information. ---
Architecture: amd64
Kernel: Linux 2.6.26.2-hirsch-3
Debian Release: lenny/sid
--- Package information. ---
Depends (Version) | Installed
=====================================-+-===============
libc6 (>= 2.7-1) | 2.7-13
libdevmapper1.02.1 (>= 2:1.02.20) | 2:1.02.27-3
libpopt0 (>= 1.14) | 1.14-4
libuuid1 | 1.41.0-3
dmsetup | 2:1.02.27-3
--- End Message ---
--- Begin Message ---
Source: cryptsetup
Source-Version: 2:1.0.7~rc1-1
We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive:
cryptsetup-udeb_1.0.7~rc1-1_amd64.udeb
to pool/main/c/cryptsetup/cryptsetup-udeb_1.0.7~rc1-1_amd64.udeb
cryptsetup_1.0.7~rc1-1.diff.gz
to pool/main/c/cryptsetup/cryptsetup_1.0.7~rc1-1.diff.gz
cryptsetup_1.0.7~rc1-1.dsc
to pool/main/c/cryptsetup/cryptsetup_1.0.7~rc1-1.dsc
cryptsetup_1.0.7~rc1-1_amd64.deb
to pool/main/c/cryptsetup/cryptsetup_1.0.7~rc1-1_amd64.deb
cryptsetup_1.0.7~rc1.orig.tar.gz
to pool/main/c/cryptsetup/cryptsetup_1.0.7~rc1.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jonas Meurer <[email protected]> (supplier of updated cryptsetup package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 04 Jul 2009 15:52:06 +0200
Source: cryptsetup
Binary: cryptsetup cryptsetup-udeb
Architecture: source amd64
Version: 2:1.0.7~rc1-1
Distribution: unstable
Urgency: low
Maintainer: Jonas Meurer <[email protected]>
Changed-By: Jonas Meurer <[email protected]>
Description:
cryptsetup - configures encrypted block devices
cryptsetup-udeb - configures encrypted block devices (udeb)
Closes: 492926 494584 511447 511840 522041 522798 525118 528133 529359 530060
535351
Changes:
cryptsetup (2:1.0.7~rc1-1) unstable; urgency=low
.
* new upstream release candidate, highlights include:
- use better error messages if device doesn't exist or is already used by
other mapping (closes: #492926)
- check device size when loading LUKS header
- add some error hint if dm-crypt mapping failed (key size and kernel
version check for XTS and LRW mode for now) (closes: #494584)
- display device name when asking for password
- retain readahead of underlying device, if devmapper version supports it
- set UUID in device-mapper for LUKS devices
- define device-mapper crypt UUID maximal length and check for its size
- add some checks for error codes, fixes warning: ignoring return value...
- update LUKS homepage in manpage to code.google.com/p/cryptsetup
* patches/01_fix_make_distclean.patch: removed, incorporated upstream
* patches/02_manpage.patch: updated, mostly incorporated upstream
* remove invokation of ./setup-gettext.sh from debian/rules.
* set $PATH in checks/xfs. Required to make /usr/sbin/xfs_admin work at early
boot stage. Thanks to Stefan Bender. (closes: #525118)
* update path to docbook-xsl stylesheet in debian/rules to
/usr/share/xml/docbook/stylesheet/docbook-xsl/. Add versioned build-depends
to docbook-xsl (>= 1.74.3+dfsg) for that reason.
* fix bashisms in scripts/decrypt_opensc, thanks to Raphael Geissert.
(closes: #530060)
* fix UUID and LABEL handling for cryptroot, thanks to Kees Cook and ubuntu.
(closes: #522041)
* add ROOT=$NEWROOT to /conf/param.conf in cryptroot initramfs script. This
is required for lilo to find the correct root device. Thanks to Pyotr
Berezhkov and Christian Schaarschmidt. (closes: #511447, #511840)
* replace mini autogen.sh with autoreconf in debian/rules. Thanks to Bastian
Kleineidam. (closes: #522798)
* support escaped newlines in askpass.c, thanks to Kees Cook and ubuntu.
(closes: #528133)
* use the same passphrase prompt in init script and initramfs script
* mention the incoherent behaviour of cryptsetup create/luksOpen with invalid
passwords/keys in cryptsetup manpage. (closes: #529359)
* bump standards-version to 3.8.2, no changes required.
* add 'X-Interactive: true' LSB-header to initscripts.
* fix bash_completion script to use 'command ls'. that way it now works with
aliased ls as well. thanks to Daniel Dehennin. (closes: #535351)
Checksums-Sha1:
3c15740034374b596422bb368106d68a0eac2ed1 1514 cryptsetup_1.0.7~rc1-1.dsc
72ea1655c22e9a4f6b3ce1ebd54c1ec2cb47168e 491136
cryptsetup_1.0.7~rc1.orig.tar.gz
e76cf87674ab0b9c5acca09c4604ff2b712fadfd 60338 cryptsetup_1.0.7~rc1-1.diff.gz
ce8420ff7e050fc0253a8f6d28366d903b100e78 342644
cryptsetup_1.0.7~rc1-1_amd64.deb
123bf35e90d6a498c009ec62b312a8580965ac22 278526
cryptsetup-udeb_1.0.7~rc1-1_amd64.udeb
Checksums-Sha256:
1cd9de33da08b71fd316424d652d9e9a372e33a289427d046e009eecfe5e2215 1514
cryptsetup_1.0.7~rc1-1.dsc
5c232b668c9756f5e7c776db97d511e6f7036881a9473bf3b9bebe00efa6ffac 491136
cryptsetup_1.0.7~rc1.orig.tar.gz
ad094ea8929ba2ec2375769228cb1db91617db45745a3f94423384a80de62378 60338
cryptsetup_1.0.7~rc1-1.diff.gz
77c93530b5164dcad8e0627966c51becc382e5b3281fe3ba28455694f1fdea76 342644
cryptsetup_1.0.7~rc1-1_amd64.deb
a1df0c38f44be8e1b26717b6d15aef71ac6cdef4d3dc20affd8fecc26f5d8ab5 278526
cryptsetup-udeb_1.0.7~rc1-1_amd64.udeb
Files:
ad67f90b92f71b50e68d1fa843b77394 1514 admin optional cryptsetup_1.0.7~rc1-1.dsc
720e669fc9252f8c84290f5ddea9c5ca 491136 admin optional
cryptsetup_1.0.7~rc1.orig.tar.gz
eda330da74b4e858ee71c4b2dde5facd 60338 admin optional
cryptsetup_1.0.7~rc1-1.diff.gz
e895242243f445e3d44ca89e2c9cc74d 342644 admin optional
cryptsetup_1.0.7~rc1-1_amd64.deb
638c31d8ffb956254f50ebc4124261a1 278526 debian-installer optional
cryptsetup-udeb_1.0.7~rc1-1_amd64.udeb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkpPYKoACgkQd6lUs+JfIQKyyQCfaGbruiHQC/aW5GjJZGAUVBSK
V/gAnRb04na8cn2mGz8qKnzVwTg+fi0+
=LALY
-----END PGP SIGNATURE-----
--- End Message ---