On Fri, 2024-05-03 at 20:01 +0100, Bhasker C V wrote:
> From cryptsetup 2:2.6.1-4~deb12u2 to 2:2.7.2-2 (on trixie) the
> defaults for cipher and hash have changed.
> I have used the previous version and it is difficult to type cypher
> and hash every time a dm-plain device is opened
> Is there a way to setup defaults in a config file - the only other
> option is to fall back to cryptsetup 2.6.1 to continue using my
> encrypted devices rather than typing out
> aes-cbc-essiv:sha256 or ripemd160
There are a few options for this:
Create a new device using the new defaults, copy the data over and
continue with the new defaults.
Switch to a new device using LUKS, which stores the encryption type in
a header that is stored on the disk, so you don't have to specify it.
Store the settings in /etc/crypttab and rely on the default systemd
crypttab conversion scripts starting and mounting the device.
The crypttab manual page documents how to do this.
Create a script containing the desired values and run it to setup
devices instead of plain cryptsetup commands.
Create the same using manually created systemd unit files.
--
bye,
pabs
https://wiki.debian.org/PaulWise