* [dm-crypt] Detached header offset
@ 2017-04-13 10:18 7heo
2017-04-13 11:02 ` Milan Broz
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: 7heo @ 2017-04-13 10:18 UTC (permalink / raw)
To: dm-crypt
Hey all,
I assumed that there was on option to give the offset of the header on a
disk, but this option is only accepted for loopaes and plain devices,
according to the man.
There's another option to give an offset, for the key-file, but as far
as I could understand, this is for the offset of the key slots
relatively to the start of the partition they're on.
Also --align-payload only works on the data.
So is there a way to place a detached header arbitrarily on a disk, and
not at the start of a partition?
Best regards,
Theo.
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [dm-crypt] Detached header offset
2017-04-13 10:18 [dm-crypt] Detached header offset 7heo
@ 2017-04-13 11:02 ` Milan Broz
2017-04-13 13:21 ` Robert Nichols
2017-04-13 13:36 ` Arno Wagner
2 siblings, 0 replies; 4+ messages in thread
From: Milan Broz @ 2017-04-13 11:02 UTC (permalink / raw)
To: 7heo, dm-crypt
On 04/13/2017 12:18 PM, 7heo wrote:
> Hey all,
>
> I assumed that there was on option to give the offset of the header on a
> disk, but this option is only accepted for loopaes and plain devices,
> according to the man.
Neither loopaes nor plain device use header. Where do you see this?
> There's another option to give an offset, for the key-file, but as far
> as I could understand, this is for the offset of the key slots
> relatively to the start of the partition they're on.
>
> Also --align-payload only works on the data.
All offsets works only for data.
> So is there a way to place a detached header arbitrarily on a disk, and
> not at the start of a partition?
No. LUKS1 offset always starts at sector 0.
All tools like blkid search for header at this location, you cannot
arbitrarily change offset.
You can only set data payload offset to 0 if detached header is used
(it means that no header is on the data device itself.)
Milan
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [dm-crypt] Detached header offset
2017-04-13 10:18 [dm-crypt] Detached header offset 7heo
2017-04-13 11:02 ` Milan Broz
@ 2017-04-13 13:21 ` Robert Nichols
2017-04-13 13:36 ` Arno Wagner
2 siblings, 0 replies; 4+ messages in thread
From: Robert Nichols @ 2017-04-13 13:21 UTC (permalink / raw)
To: dm-crypt
On 04/13/2017 05:18 AM, 7heo wrote:
>
> So is there a way to place a detached header arbitrarily on a disk, and not at the start of a partition?
It's not supported within cryptsetup, but you can always use "losetup" to create a loop device starting at the needed offset and then specify that loop device as the detached header:
Loopdev=$(losetup -f --show -o 65536 /dev/{whatever}
cryptsetup luksOpen --header $Loopdev ...
losetup -d $Loopdev
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [dm-crypt] Detached header offset
2017-04-13 10:18 [dm-crypt] Detached header offset 7heo
2017-04-13 11:02 ` Milan Broz
2017-04-13 13:21 ` Robert Nichols
@ 2017-04-13 13:36 ` Arno Wagner
2 siblings, 0 replies; 4+ messages in thread
From: Arno Wagner @ 2017-04-13 13:36 UTC (permalink / raw)
To: dm-crypt
Hi Theo,
since it is a detached header, you could probably do a mapping
to file from the raw sectors, using losetup like this
losetup -o offset --sizelimit <header size> /dev/loop0 <dev_raw_disk>
and then use that as the file-argument for the detached header.
I would say that this is exceedingly "hackish" and probably
asking for a lot of potentially painful problems.
You could probably also (even worse idea) use LVM to combine
the sectors for the header and the ones for the data into a
complete LUKS device (i.e. no detached header in the final thing).
Regards,
Arno
On Thu, Apr 13, 2017 at 12:18:08 CEST, 7heo wrote:
> Hey all,
>
> I assumed that there was on option to give the offset of the header on a
> disk, but this option is only accepted for loopaes and plain devices,
> according to the man.
>
> There's another option to give an offset, for the key-file, but as far as I
> could understand, this is for the offset of the key slots relatively to the
> start of the partition they're on.
>
> Also --align-payload only works on the data.
>
> So is there a way to place a detached header arbitrarily on a disk, and not
> at the start of a partition?
>
> Best regards,
> Theo.
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-04-13 13:36 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-04-13 10:18 [dm-crypt] Detached header offset 7heo
2017-04-13 11:02 ` Milan Broz
2017-04-13 13:21 ` Robert Nichols
2017-04-13 13:36 ` Arno Wagner
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.