You are not logged in.
The webpage for the new cryptsetup package doesn't seem to have a relevant FAQ, so I though I'd ask here -- how do I use the new cryptsetup with existing encrypted loop files?
For cryptsetup-0.2pre1-1 and earlier, I would do something like (with an encrypted key file):
> losetup /dev/loop0 /path/to/loop/file
> cat /path/to/key.file | openssl aes-256-ecb -d | cryptsetup create encryptedVolume /dev/loop0
> mount /dev/mapper/encryptedVolume /mnt/encrypted
But after upgrading to cryptsetup-1.0.1-1, the mount command tells me "you must specify the filesystem type". And then throwing in a
> mount -t ext2 /dev/mapper/encryptedVolume /mnt/encrypted
tells me that either it's not an ext2 filesystem or that the superblock is corrupt!!
Then I started freaking out, but a downgrade to cryptsetup-0.2pre1-1 allowed me to access my data again.
This cryptsetup-luks stuff seems like it is only for encrypting partitions, can't seem to find anything about loop devices in there... ?
Offline
Odd. In my tests, the new cryptsetup was perfectly compatible with devices encrypted with 0.1 or 0.2pre1.
cryptsetup (old or new) itself doesn't care if it's loopback device or not, it just wants any ol' block device.
If I were to guess, I'd say there's some problem with the keyfile going in. Is your keyfile a hash, or the plain-text password? If it's plaintext, you could try using the hashalot program to generate a new key file that can be used with cryptsetup's -d switch.
# cat /path/to/old/key.file | hashalot -n 32 ripemd160 >new.key
# losetup /dev/loop/0 secret.file
# cryptsetup -d new.key create topsecret /dev/loop/0
I've never used openssl to hash them before, but hashalot's ripemd160 hashes seem to work fine with cryptsetup.
Offline