From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-yh0-x235.google.com (mail-yh0-x235.google.com [IPv6:2607:f8b0:4002:c01::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Thu, 7 Aug 2014 03:09:56 +0200 (CEST) Received: by mail-yh0-f53.google.com with SMTP id c41so2406301yho.26 for ; Wed, 06 Aug 2014 18:09:54 -0700 (PDT) MIME-Version: 1.0 Reply-To: hgabreu@gmail.com From: Henrique Abreu Date: Wed, 6 Aug 2014 22:09:34 -0300 Message-ID: Content-Type: multipart/alternative; boundary=001a11c202b811640d04ffffbf83 Subject: [dm-crypt] luks header on initramfs img List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de --001a11c202b811640d04ffffbf83 Content-Type: text/plain; charset=ISO-8859-1 I use to have a setup with luks header on a separate file, as describe here: https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Encrypted_system_using_a_remote_LUKS_header But since update from 1.6.4 to 1.6.5 it doesn't work anymore. It just keeps asking for the passphrase on and on without any error messages. I noticed that, if I mount a usb drive and move the header from memory to the drive, then attempt to open again with the exact same command (below) it works: # cryptsetup open --header header.img --type luks /dev/sda4 lvm So, the difference is just where the header.img file is placed. For now, I have downgraded back to 1.6.4 to keep my boot setup simpler. I rather use the header image inside initramfs if possible instead of having to mount a usb at boot just to read the header. Does anyone know if that's intended for not working anymore or if it's a bug? Thanks, Henrique Abreu --001a11c202b811640d04ffffbf83 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
I use to have a setup with luks header on a separate = file, as describe here:

But since update from 1.6.4 to 1.6.5 it doesn'= ;t work anymore. It just keeps asking for the passphrase on and on without = any error messages.

I noticed that, if I mount a u= sb drive and move the header from memory to the drive, then attempt to open= again with the exact same command (below) it works:
# cryptsetup open --header header.img --type luks /dev/sda4 lvm
<= div>
So, the difference is just where the header.img file is = placed. For now, I have downgraded back to 1.6.4 to keep my boot setup simp= ler.
I rather use the header image inside initramfs if possible instead of = having to mount a usb at boot just to read the header.

=
Does anyone know if that's intended for not working anymore or if = it's a bug?

Thanks,

Henrique Abreu
--001a11c202b811640d04ffffbf83-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wg0-x22e.google.com (mail-wg0-x22e.google.com [IPv6:2a00:1450:400c:c00::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Thu, 7 Aug 2014 06:16:49 +0200 (CEST) Received: by mail-wg0-f46.google.com with SMTP id m15so3514217wgh.29 for ; Wed, 06 Aug 2014 21:16:48 -0700 (PDT) Message-ID: <53E2FDAD.8080603@gmail.com> Date: Thu, 07 Aug 2014 06:16:45 +0200 From: Milan Broz MIME-Version: 1.0 References: In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] luks header on initramfs img List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: hgabreu@gmail.com, dm-crypt@saout.de On 08/07/2014 03:09 AM, Henrique Abreu wrote: > I use to have a setup with luks header on a separate file, as describe here: > https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Encrypted_system_using_a_remote_LUKS_header > > But since update from 1.6.4 to 1.6.5 it doesn't work anymore. It just keeps asking for the passphrase on and on without any error messages. > > I noticed that, if I mount a usb drive and move the header from memory to the drive, then attempt to open again with the exact same command (below) it works: > # cryptsetup open --header header.img --type luks /dev/sda4 lvm > > So, the difference is just where the header.img file is placed. For now, I have downgraded back to 1.6.4 to keep my boot setup simpler. > I rather use the header image inside initramfs if possible instead of having to mount a usb at boot just to read the header. > > Does anyone know if that's intended for not working anymore or if it's a bug? There is no reason this should not work. (It could be bug elsewhere as well, 1.6.5 already uncovered 2 kernel bugs...) Can you paste debug output from the failing command? (Add --debug option.) Thanks, Milan From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wi0-x230.google.com (mail-wi0-x230.google.com [IPv6:2a00:1450:400c:c05::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Fri, 8 Aug 2014 15:22:36 +0200 (CEST) Received: by mail-wi0-f176.google.com with SMTP id bs8so1011492wib.15 for ; Fri, 08 Aug 2014 06:22:36 -0700 (PDT) Message-ID: <53E4CF19.1090904@gmail.com> Date: Fri, 08 Aug 2014 15:22:33 +0200 From: Milan Broz MIME-Version: 1.0 References: <53E2FDAD.8080603@gmail.com> In-Reply-To: <53E2FDAD.8080603@gmail.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] luks header on initramfs img List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: hgabreu@gmail.com, dm-crypt@saout.de On 08/07/2014 06:16 AM, Milan Broz wrote: > On 08/07/2014 03:09 AM, Henrique Abreu wrote: >> I use to have a setup with luks header on a separate file, as describe here: >> https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Encrypted_system_using_a_remote_LUKS_header >> >> But since update from 1.6.4 to 1.6.5 it doesn't work anymore. It just keeps asking for the passphrase on and on without any error messages. >> >> I noticed that, if I mount a usb drive and move the header from memory to the drive, then attempt to open again with the exact same command (below) it works: >> # cryptsetup open --header header.img --type luks /dev/sda4 lvm >> >> So, the difference is just where the header.img file is placed. For now, I have downgraded back to 1.6.4 to keep my boot setup simpler. >> I rather use the header image inside initramfs if possible instead of having to mount a usb at boot just to read the header. >> >> Does anyone know if that's intended for not working anymore or if it's a bug? > > There is no reason this should not work. > (It could be bug elsewhere as well, 1.6.5 already uncovered 2 kernel bugs...) Should be fixed in devel git (and in 1.6.6 which will be released in a few days). (Basically I forgot to use wrapper for device open which avoids using O_DIRECT if not supported, like in tmpfs.) Thanks for report! Milan From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-yh0-x22d.google.com (mail-yh0-x22d.google.com [IPv6:2607:f8b0:4002:c01::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Fri, 8 Aug 2014 20:16:45 +0200 (CEST) Received: by mail-yh0-f45.google.com with SMTP id 29so4338424yhl.4 for ; Fri, 08 Aug 2014 11:16:43 -0700 (PDT) MIME-Version: 1.0 Reply-To: hgabreu@gmail.com In-Reply-To: <53E4CF19.1090904@gmail.com> References: <53E2FDAD.8080603@gmail.com> <53E4CF19.1090904@gmail.com> From: Henrique Abreu Date: Fri, 8 Aug 2014 15:16:22 -0300 Message-ID: Content-Type: multipart/alternative; boundary=089e0160c36011fb6705002235d0 Subject: Re: [dm-crypt] luks header on initramfs img List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz Cc: dm-crypt@saout.de --089e0160c36011fb6705002235d0 Content-Type: text/plain; charset=ISO-8859-1 Thanks a lot Milan and sorry I hadn't had time to sent you the debug output. Looking forward to version 1.6.6 Thanks, Henrique Abreu On Fri, Aug 8, 2014 at 10:22 AM, Milan Broz wrote: > On 08/07/2014 06:16 AM, Milan Broz wrote: > > On 08/07/2014 03:09 AM, Henrique Abreu wrote: > >> I use to have a setup with luks header on a separate file, as describe > here: > >> > https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Encrypted_system_using_a_remote_LUKS_header > >> > >> But since update from 1.6.4 to 1.6.5 it doesn't work anymore. It just > keeps asking for the passphrase on and on without any error messages. > >> > >> I noticed that, if I mount a usb drive and move the header from memory > to the drive, then attempt to open again with the exact same command > (below) it works: > >> # cryptsetup open --header header.img --type luks /dev/sda4 lvm > >> > >> So, the difference is just where the header.img file is placed. For > now, I have downgraded back to 1.6.4 to keep my boot setup simpler. > >> I rather use the header image inside initramfs if possible instead of > having to mount a usb at boot just to read the header. > >> > >> Does anyone know if that's intended for not working anymore or if it's > a bug? > > > > There is no reason this should not work. > > (It could be bug elsewhere as well, 1.6.5 already uncovered 2 kernel > bugs...) > > Should be fixed in devel git (and in 1.6.6 which will be released in a few > days). > (Basically I forgot to use wrapper for device open which avoids using > O_DIRECT > if not supported, like in tmpfs.) > > Thanks for report! > > Milan > --089e0160c36011fb6705002235d0 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Thanks a lot Milan and sorry I hadn't had time to sent= you the debug output.

Looking forward to version 1.6.6<= /div>

Thanks,

Henrique Abreu


On Fri, Aug 8, 2014 at 10:22 AM, Milan B= roz <gmazyland@gmail.com> wrote:
On 08/07/2014 06:16 AM, Milan Broz = wrote:
> On 08/07/2014 03:09 AM, Henrique Abreu wrote:
>> I use to have a setup with luks header on a separate file, as desc= ribe here:
>> https://w= iki.archlinux.org/index.php/Dm-crypt/Specialties#Encrypted_system_using_a_r= emote_LUKS_header
>>
>> But since update from 1.6.4 to 1.6.5 it doesn't work anymore. = It just keeps asking for the passphrase on and on without any error message= s.
>>
>> I noticed that, if I mount a usb drive and move the header from me= mory to the drive, then attempt to open again with the exact same command (= below) it works:
>> # cryptsetup open --header header.img --type luks /dev/sda4 lvm >>
>> So, the difference is just where the header.img file is placed. Fo= r now, I have downgraded back to 1.6.4 to keep my boot setup simpler.
>> I rather use the header image inside initramfs if possible instead= of having to mount a usb at boot just to read the header.
>>
>> Does anyone know if that's intended for not working anymore or= if it's a bug?
>
> There is no reason this should not work.
> (It could be bug elsewhere as well, 1.6.5 already uncovered 2 kernel b= ugs...)

Should be fixed in devel git (and in 1.6.6 which will be releas= ed in a few days).
(Basically I forgot to use wrapper for device open which avoids using O_DIR= ECT
if not supported, like in tmpfs.)

Thanks for report!

Milan

--089e0160c36011fb6705002235d0--