On 30/08/2022 15:48, Chris Murphy wrote:
The built-in default for cryptsetup on Fedora is LUKS2 which uses
argon2id with parameters:
Iteration time: 2000, Memory required: 1048576kB, Parallel threads: 4
This is maximum, it is decreased according to benchmark during format.
It is
On 27/07/2022 17:52, Chris Murphy wrote:
On Wed, Jul 27, 2022, at 11:11 AM, Chris Adams wrote:
Once upon a time, Neal Gompa said:
My understanding is that Windows preloads are now blank-encrypted.
That is, there's a BitLocker volume wrapping the filesystem, even with
encryption turned off. It
On 20/04/2021 08:05, Ulrich Windl wrote:
Kairui Song schrieb am 19.04.2021 um 12:00 in
> Nachricht
> :
>> Hi all,
>>
>> I'm currently trying to add kdump support for systemd with full‑disk
>> LUKS encryption. vmcores contain sensitive data so they should also be
>> protected, and network
Hi,
TL;DR what you are trying to do is to actually reverse many security measures
we added. It is perhaps acceptable for debugging but hardly for real generic
system.
- using memory-hard function increases cost of dictionary and brute-force
attacks
You can always decrease amount of memory
On 09/03/2021 10:42, Ian Laurie wrote:
> Fedora 34 with latest updates (kernel-5.11.3-300.fc34.x86_64) won't
> mount Veracrypt volumes. I can boot with the previous kernel 5.11.2 and
> it works fine.
>
> kernel-5.11.3-300.fc34.x86_64
> cryptsetup-2.3.4-2.fc34.x86_64
>
> Commands I'm using
On 22/08/2019 00:10, Chris Murphy wrote:
> Anyway, the Fedora Workstation working group has this as an issue
> being explored by a subgroup very soon, and make recommendations back
> to the working group. So there will be a lot more discussion about
> this in the near future.
>
Hi,
we are going to build new libargon2 in Fedora rawhide
to version 20171227 with soname bump.
These are affected packages:
R-argon2
cryptsetup-libs
keepassxc
php
php-cli
php-dbg
php-embedded
php-fpm
uwsgi-plugin-php
yapet
We are going to rebuild all affected packages once new libargon2 build
On 04/02/2018 06:24 PM, Tom Callaway wrote:
> On 04/01/2018 02:14 PM, Florian Weimer wrote:
>> I don't know if anything has changed since then, and what version of the
>> TrueCrypt license that assessment was based on.
>
> TrueCrypt upstream vanished in a puff of smoke in 2014, cancelling
>
On 01/25/2018 08:40 PM, inderau...@arcor.de wrote:
>> Milan Broz <gmazyl...@gmail.com> hat am 25. Januar 2018 um 20:32 geschrieben:
>> On 01/25/2018 08:05 PM, inderau...@arcor.de wrote:
>>> Hej there! Just want to ask if/or when it will be available for Fedora
&g
On 01/25/2018 08:05 PM, inderau...@arcor.de wrote:
> Hej there! Just want to ask if/or when it will be available for Fedora
> workstation.
Fedora usually has build of all cryptsetup/LUKS tools as the first distro.
So, for now, rawhide has all recent builds, so Fedora 28 should get all builds
On 12/11/2017 01:05 AM, Björn 'besser82' Esser wrote:
> === Possible complications ===
>
> Since we have a circular dependency in rebuilding cryptsetup (and many
> other packages having direct or indirect (systemd !!!) BuildRequires on
> that package, I'll do the rebuild chains in two passes:
>
On 10/30/2017 06:19 PM, Zbigniew Jędrzejewski-Szmek wrote:
> If there's any breakage in systemd, this will make systems unusable. Please
> check if systemd rebuilds fine before pushing the update, and either rebuild
> systemd yourself, or ping me to do it.
Yes, we are aware of it. Rebuild is
On 02/02/2013 02:49 PM, Björn Persson wrote:
Paolo Bonzini wrote:
If you're talking about RDRAND, it doesn't hand out entropy. That's
RDSEED, which will only come with Haswell.
RDRAND only hands out random numbers.
Huh? Random numbers is pretty much synonymous to entropy in the
On 10/09/2012 12:14 AM, Lennart Poettering wrote:
Well, I am all for minimizing the minimal installation set, and can
applaud attempts to continiusly make data avilable where we stand with
this and which packages are the worst dependency and size hogs. However,
afaics the feature you
On 10/09/2012 03:42 PM, Lennart Poettering wrote:
On Tue, 09.10.12 12:24, Milan Broz (mb...@redhat.com) wrote:
- systemd-cryptsetup
(generally, to be able to install system without cryptsetup-device-mapper
libs
dependences if only plain partitions are used, as they are in VM)
- system
On 10/07/2012 02:36 AM, Ian Pilcher wrote:
I'm sure that this information is somewhere on the Fedora Wiki, but my
search-fu apparently isn't up to the task of finding it.
What are the plans for LVM and/or software RAID support?
Currently (F18 Beta TC2), it seems to be impossible for those
On 05/28/2012 04:55 PM, Roberto Ragusa wrote:
On 05/26/2012 03:53 PM, Juan Orti Alcaine wrote:
I suspect it isn't working because cryptsetup status
/dev/mapper/luks-uuid does not say anything about discards. I think
it must say flags: discards
Any suggestion?
lsblk -D
it should print
On 10/25/2011 07:23 PM, Till Maas wrote:
Yet as long as it is not done, encrypting /usr is no improvement. And
even if it is done, you would also need to verify that nobody installed
a keyboard logger on your device if your fear attackers that have easily
physical access to the device in
On 10/18/2011 06:40 PM, Richard W.M. Jones wrote:
On Fri, Oct 14, 2011 at 12:40:33PM +0200, Milan Broz wrote:
So I did discover a weird problem with this update. When running
the libguestfs test suite, cryptsetup sometimes hangs on this
command:
cryptsetup -q -d /tmp/luksFbnt2j --key-slot
Hi,
cryptsetup-luks name was old relict, so I decided to rename
it back to cryptsetup (as in upstream and all other distros).
With this change comes also update to 1.4.0 version which
removes old API (not used for years) and it requires libcryptsetup
library version bump.
(Of course only in
On 10/14/2011 02:19 PM, David Cantrell wrote:
On 10/14/2011 06:40 AM, Milan Broz wrote:
You forgot anaconda in this list. It's easy to see what packages
require another package with repoquery.
yes, sorry.
I had to add fake provides temporarily (systemd required in buildroot blocked
itself
On 10/08/2011 04:17 AM, Rahul Sundaram wrote:
On 10/08/2011 12:55 AM, Richard W.M. Jones wrote:
Is there any reason to use TrueCrypt, over the whole disk encryption
that Fedora already provides? LUKS just works afaict ...
Does it? It is not easily accessible for a regular end user and is
On 10/08/2011 09:15 PM, Eric Smith wrote:
Milan Broz wrote:
Truecrypt on Linux uses kernel dm-crypt, so it is all mainly about
metadata format handling.
I will probably try to add alternative to cryptsetup
to handle directly Truecrypt format (which is documented on project
page
On 02/23/2011 07:41 PM, Peter Jones wrote:
On 02/23/2011 12:50 PM, Lars Seipel wrote:
If you want to stack it on top of dm-crypt there are caveats as well.
Right, which is what we'd wind up doing in the encrypted case.
From btrfs-wiki:
btrfs volumes on top of dm-crypt block devices (and
On 11/14/2010 12:41 AM, Richard W.M. Jones wrote:
1. http://fedoraproject.org/wiki/Features/NoDefaultLVM
Info on this page is completely obsolete!
| * Certain filesystem features (ext3 barriers) are unavailable when run
| on top of LVM.
No longer true, barriers (resp. flush) are fully
25 matches
Mail list logo
