I gave #35 a go, this release seems much better. No major problems noted so far, only one error about GPG:
ecryptfsd: Error initializing key module [/usr/lib/ecryptfs/libecryptfs_key_mod_gpg.so]; rc = [-22] To my knowlege, GPG is not yet supported...is it? mount -t ecryptfs -o verbose,key=openssl:keyfile=/var/tmp/rsa-testing-key.pem /mnt/ecryptfs/lower_files /mnt/ecryptfs/clear_view With crypto modules loaded: md5 4096 0 ecb 3584 0 cbc 4480 0 des 16384 0 sha256 11264 0 sha512 9088 0 blowfish 8320 0 blkcipher 6020 2 ecb,cbc aes 26792 0 Dec 17 22:24:00 atr2 mount.ecryptfs: Preferring [/usr/lib/ecryptfs/libecryptfs_key_mod_passphrase.so] file over built-in module for key module with name [passphrase] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: min keysize match on buf = [min keysize : 4 ] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [md5] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: min keysize match on buf = [min keysize : 4 ] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [des3_ede] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: min keysize match on buf = [min keysize : 24 ] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: For cipher with name [des3_ede], set min_keysize = [24] from str = [24] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: For cipher with name [des3_ede], set max_keysize = [24] from str = [24] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [des] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: min keysize match on buf = [min keysize : 8 ] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: For cipher with name [des], set min_keysize = [8] from str = [8] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: For cipher with name [des], set max_keysize = [8] from str = [8] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [sha256] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [sha512] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [sha384] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [blowfish] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: min keysize match on buf = [min keysize : 4 ] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: For cipher with name [blowfish], set min_keysize = [4] from str = [4] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: For cipher with name [blowfish], set max_keysize = [56] from str = [56] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [aes] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: min keysize match on buf = [min keysize : 16 ] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: For cipher with name [aes], set min_keysize = [16] from str = [16] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: For cipher with name [aes], set max_keysize = [32] from str = [32] Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [crc32c] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: ecryptfs_get_kernel_ciphers: Adding kernel cipher with name [deflate] to the list Dec 17 22:24:00 atr2 mount.ecryptfs: Duplicates allowed for [key] Dec 17 22:24:00 atr2 mount.ecryptfs: Duplicates allowed for [keyfile] Dec 17 22:24:00 atr2 mount.ecryptfs: name = [rw]; value = [(null)] Dec 17 22:24:00 atr2 mount.ecryptfs: name = [verbose]; value = [(null)] Dec 17 22:24:00 atr2 mount.ecryptfs: name = [key]; value = [openssl] Dec 17 22:24:00 atr2 mount.ecryptfs: name = [keyfile]; value = [/var/tmp/rsa-testing-key.pem] Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f43a40]; node->mnt_opt_names[0] = [sig] Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: node->tl[0].val = [default] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [sig] Dec 17 22:24:00 atr2 mount.ecryptfs: retrieve_val: Called on node [sig] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: ECRYPTFS_PARAM_FLAG_NO_VALUE set Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f42f80]; node->mnt_opt_names[0] = [key] Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: node->tl[0].val = [openssl] Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: node->tl[1].val = [passphrase] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [key] Dec 17 22:24:00 atr2 mount.ecryptfs: retrieve_val: Called on node [key] Dec 17 22:24:00 atr2 mount.ecryptfs: From param_node = [0xb7f42f80]; mnt_opt_names[0] = [key]: Setting ECRYPTFS_PROCESSED to nvp with nvp->name = [key] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: Value retrieved from default_val or from parameter list; returning Dec 17 22:24:00 atr2 mount.ecryptfs: Transitioning from [0xb7f42f80]; name = [key] to [0xb7f59240]; name = [keysource] per transition node's next_token Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f59240]; node->mnt_opt_names[0] = [keysource] Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: node->tl[0].val = [default] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [keysource] Dec 17 22:24:00 atr2 mount.ecryptfs: retrieve_val: Called on node [keysource] Dec 17 22:24:00 atr2 mount.ecryptfs: retrieve_val: Value retrieved from node->default_val = [keyfile] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: Value retrieved from default_val or from parameter list; returning Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f59784]; node->mnt_opt_names[0] = [keyfile] Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: node->tl[0].val = [default] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [keyfile] Dec 17 22:24:00 atr2 mount.ecryptfs: retrieve_val: Called on node [keyfile] Dec 17 22:24:00 atr2 mount.ecryptfs: From param_node = [0xb7f59784]; mnt_opt_names[0] = [keyfile]: Setting ECRYPTFS_PROCESSED to nvp with nvp->name = [keyfile] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: Value retrieved from default_val or from parameter list; returning Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f59cc8]; node->mnt_opt_names[0] = [passwd_specification_method] Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: node->tl[0].val = [passwd] Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: node->tl[1].val = [passwd_file] Dec 17 22:24:00 atr2 mount.ecryptfs: eval_param_tree: node->tl[2].val = [passwd_fd] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [passwd_specification_method] Dec 17 22:24:00 atr2 mount.ecryptfs: retrieve_val: Called on node [passwd_specification_method] Dec 17 22:24:00 atr2 mount.ecryptfs: retrieve_val: Called on node [passwd] Dec 17 22:24:00 atr2 mount.ecryptfs: retrieve_val: Called on node [passwd_file] Dec 17 22:24:00 atr2 mount.ecryptfs: retrieve_val: Called on node [passwd_fd] Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: ctx->get_string defined Dec 17 22:24:00 atr2 mount.ecryptfs: alloc_and_get_val: DISPLAY_TRANSITION_NODE_VALS set Dec 17 22:24:05 atr2 mount.ecryptfs: Transitioning from [0xb7f59cc8]; name = [passwd_specification_method] to [0xb7f5a20c]; name = [passwd] per transition node's next_token Dec 17 22:24:05 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f5a20c]; node->mnt_opt_names[0] = [passwd] Dec 17 22:24:05 atr2 mount.ecryptfs: eval_param_tree: node->tl[0].val = [default] Dec 17 22:24:05 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [passwd] Dec 17 22:24:05 atr2 mount.ecryptfs: retrieve_val: Called on node [passwd] Dec 17 22:24:05 atr2 mount.ecryptfs: alloc_and_get_val: ctx->get_string defined Dec 17 22:24:05 atr2 mount.ecryptfs: alloc_and_get_val: DISPLAY_TRANSITION_NODE_VALS not set Dec 17 22:24:05 atr2 mount.ecryptfs: alloc_and_get_val: node->mnt_opt_names[0] = [passwd] ; node->flags = [0x00000042] Dec 17 22:24:12 atr2 mount.ecryptfs: tf_ssl_passwd: Called w/ node->val = [onlytesting] Dec 17 22:24:12 atr2 mount.ecryptfs: ecryptfs_dummy_get_key_data: Dummy function substituted for unimplemented function in key module Dec 17 22:24:12 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f44a60]; node->mnt_opt_names[0] = [another_key] Dec 17 22:24:12 atr2 mount.ecryptfs: eval_param_tree: node->tl[0].val = [default] Dec 17 22:24:12 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [another_key] Dec 17 22:24:12 atr2 mount.ecryptfs: retrieve_val: Called on node [another_key] Dec 17 22:24:12 atr2 mount.ecryptfs: alloc_and_get_val: ECRYPTFS_PARAM_FLAG_NO_VALUE set Dec 17 22:24:12 atr2 mount.ecryptfs: Comparing nvp->name = [rw] to key_module_select_node.mnt_opt_names[0] = [key] Dec 17 22:24:12 atr2 mount.ecryptfs: Comparing nvp->name = [verbose] to key_module_select_node.mnt_opt_names[0] = [key] Dec 17 22:24:12 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f43fa0]; node->mnt_opt_names[0] = [ecryptfs_cipher] Dec 17 22:24:12 atr2 mount.ecryptfs: eval_param_tree: node->tl[0].val = [aes] Dec 17 22:24:12 atr2 mount.ecryptfs: eval_param_tree: node->tl[1].val = [blowfish] Dec 17 22:24:12 atr2 mount.ecryptfs: eval_param_tree: node->tl[2].val = [des3_ede] Dec 17 22:24:12 atr2 mount.ecryptfs: eval_param_tree: node->tl[3].val = [des] Dec 17 22:24:12 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [ecryptfs_cipher] Dec 17 22:24:12 atr2 mount.ecryptfs: retrieve_val: Called on node [ecryptfs_cipher] Dec 17 22:24:12 atr2 mount.ecryptfs: alloc_and_get_val: ctx->get_string defined Dec 17 22:24:12 atr2 mount.ecryptfs: alloc_and_get_val: DISPLAY_TRANSITION_NODE_VALS set Dec 17 22:24:27 atr2 mount.ecryptfs: tf_ecryptfs_cipher: Pushing onto stack; opt = [ecryptfs_cipher=blowfish] Dec 17 22:24:27 atr2 mount.ecryptfs: Transitioning from [0xb7f43fa0]; name = [ecryptfs_cipher] to [0xb7f44500]; name = [ecryptfs_key_bytes] per transition node's next_token Dec 17 22:24:27 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f44500]; node->mnt_opt_names[0] = [ecryptfs_key_bytes] Dec 17 22:24:27 atr2 mount.ecryptfs: eval_param_tree: node->tl[0].val = [16] Dec 17 22:24:27 atr2 mount.ecryptfs: eval_param_tree: node->tl[1].val = [32] Dec 17 22:24:27 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [ecryptfs_key_bytes] Dec 17 22:24:27 atr2 mount.ecryptfs: retrieve_val: Called on node [ecryptfs_key_bytes] Dec 17 22:24:27 atr2 mount.ecryptfs: alloc_and_get_val: ctx->get_string defined Dec 17 22:24:27 atr2 mount.ecryptfs: alloc_and_get_val: DISPLAY_TRANSITION_NODE_VALS set Dec 17 22:24:31 atr2 mount.ecryptfs: Transitioning from [0xb7f44500]; name = [ecryptfs_key_bytes] to [0xb7f45fe0]; name = [end] per transition node's next_token Dec 17 22:24:31 atr2 mount.ecryptfs: eval_param_tree: Calling alloc_and_get_val() on node = [0xb7f45fe0]; node->mnt_opt_names[0] = [end] Dec 17 22:24:31 atr2 mount.ecryptfs: alloc_and_get_val: Called on node->mnt_opt_names[0] = [end] Dec 17 22:24:31 atr2 mount.ecryptfs: retrieve_val: Called on node [end] Dec 17 22:24:31 atr2 mount.ecryptfs: alloc_and_get_val: ECRYPTFS_PARAM_FLAG_NO_VALUE set Dec 17 22:24:47 atr2 ecryptfsd: Starting eCryptfs userspace netlink daemon [7997] Dec 17 22:24:47 atr2 ecryptfsd: Error initializing key module [/usr/lib/ecryptfs/libecryptfs_key_mod_gpg.so]; rc = [-22] Dec 17 22:25:34 atr2 kernel: 0xca.0x72.0x8a.0x51.0x0d.0x70.0xf3.0xbd.0x50.0x9b.0xef.0x4a.0xe6.0xbf.0xc9.0xdd. Dec 17 22:25:34 atr2 kernel: 0xe3.0xef.0x7b.0x9a.0xd4.0x71.0xb2.0x7d.0x88.0xd9.0x72.0xa4.0xb9.0x2f.0xcd.0xa1. Dec 17 22:25:34 atr2 kernel: 0xec.0x7c.0x03.0xae.0x51.0x8c.0x66.0x8b.0xc7.0xe2.0xba.0x05.0x7b.0x70.0x6d.0xf2. Dec 17 22:25:34 atr2 kernel: 0x72.0xec.0xaa.0x20.0x17.0xac.0xf4.0x67.0x76.0x13.0x7e.0x03.0xaf.0x82.0xf4.0x20. Dec 17 22:25:34 atr2 kernel: 0x23.0xe0.0x16.0x0b.0xaf.0xa5.0x68.0x7c.0x50.0x04.0x85.0x85.0xba.0xb8.0x80.0x3c. Dec 17 22:25:34 atr2 kernel: 0x9d.0xee.0xfd.0x08.0x07.0x06.0x87.0xb2.0xa8.0x62.0xb7.0xcc.0x10.0x13.0x32.0x96. Dec 17 22:25:34 atr2 kernel: 0xd1.0x68.0x73.0xa8.0xa4.0xd9.0xea.0x74.0xaf.0x63.0x2c.0xfb.0x47.0x48.0xa2.0x93. Dec 17 22:25:34 atr2 kernel: 0x30.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00. Dec 17 22:25:34 atr2 kernel: 0x30.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00.0x00. Dec 17 22:26:16 atr2 ecryptfsd: ecryptfsd_exit: Closing eCryptfs userspace netlink daemon [7997] Unmount, clear key, restart daemon mount -t ecryptfs -o verbose,key=openssl:keyfile=/var/tmp/rsa-testing-key.pem /mnt/ecryptfs/lower_files /mnt/ecryptfs/clear_view Method of providing the passphrase: 1) passwd: Enter on Console 2) passwd_file: File Containing Passphrase 3) passwd_fd: File Descriptor for File Containing Passphrase Selection [passwd]: 1 Passphrase: Select cipher: 1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (loaded) 2) blowfish: blocksize = 8; min keysize = 4; max keysize = 56 (loaded) 3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (loaded) 4) des: blocksize = 8; min keysize = 8; max keysize = 8 (loaded) Selection [aes]: 2 Select key bytes: 1) 16 2) 32 Selection [16]: 1 Attempting to mount with the following options: ecryptfs_key_bytes=16 ecryptfs_cipher=blowfish ecryptfs_sig=f4e702c4ad0755da Mounted eCryptfs # ecryptfsd # head /mnt/ecryptfs/clear_view/NEWS eCryptfs -- History of visible changes. Copyright (c) 1997-2003 Erez Zadok Copyright (c) 2001-2003 Stony Brook University Copyright (c) 2004-2007 International Business Machines Corp. Lead Developer: Michael Halcrow <[EMAIL PROTECTED]> See the end for copying conditions. Please post eCryptfs bug reports via the SourceForge project page: ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ eCryptfs-users mailing list eCryptfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ecryptfs-users