From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <wagner@tansi.org>
Received: from v6.tansi.org (ns.km31936-01.keymachine.de [87.118.116.4])
 by mail.server123.net (Postfix) with ESMTP
 for <dm-crypt@saout.de>; Sat,  6 Sep 2014 00:23:57 +0200 (CEST)
Received: from gatewagner.dyndns.org (77-57-44-24.dclient.hispeed.ch
 [77.57.44.24]) by v6.tansi.org (Postfix) with ESMTPA id 45DDE20DC1EA
 for <dm-crypt@saout.de>; Sat,  6 Sep 2014 00:23:57 +0200 (CEST)
Date: Sat, 6 Sep 2014 00:23:56 +0200
From: Arno Wagner <arno@wagner.name>
Message-ID: <20140905222356.GA8279@tansi.org>
References: <27d5e048ef3f17501e9e92019b4c7643.squirrel@ssl.verfeiert.org>
 <5404D045.5020002@gmail.com>
 <8eb220aa5096641f9144b1128d117ed4.squirrel@ssl.verfeiert.org>
 <5404DA01.2050507@gmail.com>
 <57348c6a4168767613f999ddabe9a54f.squirrel@ssl.verfeiert.org>
 <5407482C.1060902@gmail.com>
 <3ff26a70ae9179ea3c37012459998cf4.squirrel@ssl.verfeiert.org>
 <54081391.6000003@gmail.com>
 <6899887c4cbe94228dea5619a57f64aa.squirrel@ssl.verfeiert.org>
 <5409D6D6.5050305@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5409D6D6.5050305@gmail.com>
Subject: Re: [dm-crypt] cryptsetup upgrade to 1.6.x unlocking problem in
 initramfs
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

On Fri, Sep 05, 2014 at 17:29:26 CEST, Milan Broz wrote:
[...] 
> I do not think there is a list of required kernel modules. Perhaps it
> should be added somewhere.  But I am afraid exact list will depend on
> kernel versions and other configuration (crypto mgr, fips, hw accel. 
> support, ...)
> 
> In short, for kernel backend, AF_ALG must be supported in general.
> 
> Then for LUKS: generic hash support, specific hash used in LUKS and HMAC
> is required.  With 1.6.5 and later it will optionally utilize also
> skcipher interface (so you need the block cipher and block mode used in
> LUKS header.
> 
> For TrueCrypt support you need the same, (hash, hmac, block cipher, block
> mode).
> 
> Perhaps man page or FAQ could be more descriptive here (... send a patch
> ;-)

It think eventually we will need some kind of trouble-shooting
FAQ or manual, but at this time it seems the incidents where that
problem manifests are rare enough that we can deal on the list 
with it. I have been thinking for a while about splitting up
the FAQ though, but at the moment I simply do not have the time 
to it right. Maybe later this year.

Gr"usse,
Arno

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier