From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <msalists@gmx.net>
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15])
 (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mail.server123.net (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Tue, 30 Dec 2014 19:18:38 +0100 (CET)
Received: from [192.168.99.197] ([70.187.182.227]) by mail.gmx.com (mrgmx003)
 with ESMTPSA (Nemesis) id 0M4Gyx-1Xnwcv0fwJ-00rojV for
 <dm-crypt@saout.de>; Tue, 30 Dec 2014 19:18:38 +0100
Message-ID: <54A2EC7E.7030201@gmx.net>
Date: Tue, 30 Dec 2014 10:18:38 -0800
From: "msalists@gmx.net" <msalists@gmx.net>
MIME-Version: 1.0
References: <549E63FE.8020602@gmx.net> <20141227101133.GA21707@tansi.org>
 <54A1A63D.5060604@gmx.net> <54A1AB87.1070804@yahoo.com>
 <54A20EDA.9030400@gmx.net> <20141230100413.GA11208@tansi.org>
In-Reply-To: <20141230100413.GA11208@tansi.org>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [dm-crypt] Asustor NAS and cryptsetup 1.6.1
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: "dm-crypt@saout.de" <dm-crypt@saout.de>

They are reluctant to give out any details, but are saying that they 
will be releasing a new version of their software in the coming weeks 
that uses ecryptfs instead.
Is this a step forward or backward (or rather just "sideways")?

Mark

On 2014-12-30 02:04, Arno Wagner wrote:
> On Tue, Dec 30, 2014 at 03:32:58 CET, msalists@gmx.net wrote:
>> On 2014-12-29 11:29, Quentin Lefebvre wrote:
>>> On 29/12/2014 20:06, msalists@gmx.net wrote :
>>>> Assuming I did create the container with aes-cbc-essiv:sha256; would
>>>> cryptsetup automatically figure out the correct parameters when it is
>>>> subsequently called without those parameters to mount the container?
>>>> Or do non-default parameters at creation time require the same
>>>> non-default parameters again for subsequent mounts?
>>> As you may have understood, in plain mode, there is no header, so
>>> no way for cryptsetup to guess the algorithm used. Thus, if it is
>>> a non-default one, it must be specified also at mount time.
>>>
>> Hm, makes sense. Is there some kind of a config file that I could
>> specify the parameters in, and that would be read prior to using the
>> defaults - similar to how some parameters for mount can be specified
>> in /etc/fstab ?
> Only if the NAS-makers added one. cryptsetup does not have
> a mechanism for this.
>
> Arno