tags 387159 +wontfix
thanks
On Tue, Sep 12, 2006 at 05:27:57PM +0100, Dennis Furey wrote:
My key is manually generated in binary by a random physical process
and memorized as a hexadecimal number, so I have nothing to gain but
maybe something to lose by hashing it. I have patched cryptsetup to
pay attention to the plain hash option when using LUKS format, and to
refrain from hashing the password in that case, provided that the
password is given as a hexadecimal number of the right length.
I appreciate that using passwords that are secure but difficult to
remember could cause trouble for some people. Other than that, there
should be no breakage for anyone because there was previously no
reason to use the plain hash option for LUKS format. Backward
compatibility can be retained by continuing not to use it. I hope you
like my patch. Feel free to send it upstream.
I've already discussed this feature with upstream some time ago for
similar purposes and he was not willing to accept such a change. I don't
think we should carry such a patch when upstream does not agree.
You still have the option of using regular dm-crypt without hashing
though.
If you'd still like to see this change applied, I suggest you discuss
it directly with the upstream author - Clemens Fruhwirth
(<[EMAIL PROTECTED]>, http://clemens.endorphin.org/)
--
David Härdeman
