From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mbroz@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 by mail.saout.de (Postfix) with ESMTP
 for <dm-crypt@saout.de>; Wed, 13 Apr 2011 15:57:41 +0200 (CEST)
Received: from int-mx09.intmail.prod.int.phx2.redhat.com
 (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22])
 by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p3DDvdr8012425
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
 for <dm-crypt@saout.de>; Wed, 13 Apr 2011 09:57:40 -0400
Received: from [10.36.5.98] (vpn1-5-98.ams2.redhat.com [10.36.5.98])
 by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id
 p3DDvcD3027874
 for <dm-crypt@saout.de>; Wed, 13 Apr 2011 09:57:39 -0400
Message-ID: <4DA5ABD1.3030509@redhat.com>
Date: Wed, 13 Apr 2011 15:57:37 +0200
From: Milan Broz <mbroz@redhat.com>
MIME-Version: 1.0
References: <BANLkTinGZRRwidq_DUyzjyDwt_6Dih7EJA@mail.gmail.com>
 <20110413132105.GB12090@tansi.org>
In-Reply-To: <20110413132105.GB12090@tansi.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [dm-crypt] Replacing cryptoloop with dm-crypt in Debian with
 twofish and offset
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

On 04/13/2011 03:21 PM, Arno Wagner wrote:
> Hi,
> 
> one thing that I immediately see is that losetup
> specifies the offset in bytes, while cryptsetup uses
> sectors (of 512 bytes).
> 
> Maybe try 
> 
>   cryptsetup create -c twofish -o 5 testAB /dev/sdb1

yes, and there are many more options - because the losetup
exists in many versions, you need to check what exactly
it uses - then just setup parameters accordingly.

- note offset bytes vs sectors (see above)
- sometimes you need to set not only offset but also IV offset (to the same value)
- note encryption mode (probably you need "-c twofish-cbc-plain")
- key size (for 128 bits use "-s 128")
- hash algorithm for passphrase (perhaps ripemd160, maybe sha256)

Example (I am using loop-aes patched losetup here, so it may be quite different for you):

losetup-aes -e aes128 -o 2560 /dev/loop0 /dev/sdb

is equivalent to 

cryptsetup create -o 5 --skip 5 -c aes-cbc-plain -s 128 -h sha256 <name> /dev/sdb

but as I said, it depends which losetup you are using, it is quite mess sometimes:-)
(and it cannot be autodetected easily...)

Milan