From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bluedzins@wp.pl>
Received: from mx4.wp.pl (mx4.wp.pl [212.77.101.8])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.saout.de (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Sun, 13 Mar 2011 16:21:28 +0100 (CET)
Received: from 178-36-65-80.adsl.inetia.pl (HELO [192.168.1.2])
 (bluedzins@[178.36.65.80]) (envelope-sender <bluedzins@wp.pl>)
 by smtp.wp.pl (WP-SMTPD) with AES256-SHA encrypted SMTP
 for <dm-crypt@saout.de>; 13 Mar 2011 16:21:26 +0100
From: Maciej Pilichowski <bluedzins@wp.pl>
Date: Sun, 13 Mar 2011 16:23:19 +0100
References: <201103131045.26845.bluedzins@wp.pl>
 <20110313105332.GA6745@fancy-poultry.org>
In-Reply-To: <20110313105332.GA6745@fancy-poultry.org>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <201103131623.19883.bluedzins@wp.pl>
Subject: Re: [dm-crypt] How to activate hash module?
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

Hello,

  Thank you all for the answers.

On Sunday 13 March 2011 13:00:13 Arno Wagner wrote:

> What is the hash in question? 

Ok, it is ripemd 320. 

> Maybe you should 
> load the module in both versions and then do
> a "cat /proc/crypto".

Just in case, I repeat, that in OS11.1 I don't have to load it to use 
it. It simply works.

I loaded the modules in both cases, it appeared in /proc/crypto. The 
only difference I see is type. For OS11.1 it is listed as digest, for 
11.4 as shash. Sizes are the same.

> What you can try, is to compile your own kernel with
> the hash statically compiled in.

That step I would like to avoid, because I am afraid that if I forget 
I have custom kernel with update I can overwrite it.

> Personally, I gave 
> up on distribution kernels a long time ago, and
> have only rarely had problems. This is with Debian,
> though.

Ironically, yesterday I considered Debian as replacement for Opensuse 
because of this issue (hoping that with Debian most advanced issues 
are solved).

On Sunday 13 March 2011 11:53:32 Heinz Diehl wrote:

> Not quite shure on that one, but as far as I know, newer cryptsetup
> is libgcrypt based, so you'll have to check if your libgcrypt
> implementation has compiled-in support for this particular hash
> algorithm you're trying to use.

I don't know how to check it, but I try to find out. Anyway, I was 
hoping for something opposite -- that architecture is modular, and 
you simply add/activate hash module, not recompile entire library.

On Sunday 13 March 2011 14:47:33 Milan Broz wrote:

> The best is paste error messages (add --debug) so it is clear what
> is the exact problem.

Code 22: Requested LUKS hash ripemd320 is not supported.

Options used -v and --debug.

I use the hash as hash for dmcrypt, --hash ripemd320

> (Better ask on kernel crypto list
> http://vger.kernel.org/vger-lists.html#linux-crypto )

Ok, thank you.


Kind regards,