[dm-crypt] Debian installer formatting LUKS2 devices by default?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Guilhem Moulin <guilhem@fripost.org>
To: Milan Broz <gmazyland@gmail.com>
Cc: dm-crypt@saout.de
Subject: [dm-crypt] Debian installer formatting LUKS2 devices by default?
Date: Fri, 27 Jul 2018 16:16:26 +0800	[thread overview]
Message-ID: <20180727081626.GA29834@localhost.localdomain> (raw)

[-- Attachment #1: Type: text/plain, Size: 1059 bytes --]

Hi there,

Debian Buster will freeze at the beginning of next year and we have
people asking for the installer to format devices with `--type luks2`.

(FWIW, I think these requests to default to `--type luks2` are mostly
motivated by a better PBKDF, so nothing impossible to obtain by
conversion from an existing LUKS1 device.)

Personally I'd rather *not* have such custom defaults in the installer.
Do you have any plan to have `luksFormat` default to LUKS2 at some
point?  If so, any idea, when that would happen? ;-)  Given the warning
in the latest Release Notes [0] I assume LUKS2 is not mature enough for
our installer yet.  Not sure what other distros are doing, but for
Debian we're waiting for that scary warning to disappear (or
alternatively, an explicit blessing from upstream) before promoting
LUKS2 (and latter authenticated encryption — once a better AEAD
algorithm is available) in our installer and documentation :-)

Cheers,
-- 
Guilhem.

[0] https://kernel.org/pub/linux/utils/cryptsetup/v2.0/v2.0.3-ReleaseNotes

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

next             reply	other threads:[~2018-07-27  8:24 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-07-27  8:16 Guilhem Moulin [this message]
2018-07-30 10:51 ` [dm-crypt] Debian installer formatting LUKS2 devices by default? Milan Broz
2018-07-30 20:47   ` Guilhem Moulin
2018-07-31  6:00     ` Michael Kjörling
2018-07-31  7:53       ` Guilhem Moulin
2018-11-23  9:21         ` Milan Broz
2018-11-23 18:26           ` Guilhem Moulin
2018-11-23 18:46             ` Milan Broz
2019-01-25 13:54           ` Guilhem Moulin
2019-01-25 14:31             ` Milan Broz
2019-01-25 15:05               ` Guilhem Moulin
2019-02-05 15:29               ` Milan Broz
2018-07-31  8:56     ` Milan Broz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180727081626.GA29834@localhost.localdomain \
    --to=guilhem@fripost.org \
    --cc=dm-crypt@saout.de \
    --cc=gmazyland@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.