From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mail.saout.de (Postfix) with ESMTP for ; Mon, 21 Mar 2011 19:21:54 +0100 (CET) Message-ID: <4D87973E.1090300@redhat.com> Date: Mon, 21 Mar 2011 19:21:50 +0100 From: Milan Broz MIME-Version: 1.0 References: <4D7E53E5.3040007@redhat.com> <20110314221329.19d588ea@gmail.com> In-Reply-To: <20110314221329.19d588ea@gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] [ANNOUNCE] cryptsetup 1.3.0-rc1 (test release candidate) List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Rudolf Deilmann Cc: dm-crypt@saout.de On 03/14/2011 10:13 PM, Rudolf Deilmann wrote: > 2) Offset, skip and sizelimit support > I was able to open such a partition with plain dmsetup; 'cryptsetup > loopaesOpen' didn't work because '--size','--skip' and '--offset' are > not supported. Perhaps you could add support for these switches to > loopaesOpen; the necessary changes in cryptsetup seems trivial. > ( '--offset' - but not '--skip' - is already mentioned in the manpage > as a supported option for loopaesOpen ) I added offset support, seems loopAES always uses offset==skip (IOW initial vector is always related to absolute sector size on the device). Reading of keyfile from device can be limited by --keyfile-size switch, but as described elsewhere there is no internal gpg support, so gpg encrypted key is stored on device itself, you have to process it using gpg first. I do not plan to add sizelimit option, this can just cause confusion. (In fact you can do that using cryptsetup resize command afterwards or by limiting underlying device. If it is problem, please show me real example where it is needed.) I'll release another RC soon (also with keyfile limits rewritten). Thanks, Milan