--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: crypto installation report (dm-crypt)
- From: Max Vozeler <max@nusquama.org>
- Date: Tue, 8 Aug 2006 01:39:35 +0200
- Message-id: <20060807233935.GA19272@dp.vpn.nusquama.org>
Package: installation-reports
Boot method: businesscard ISO
Image version: 2006-08-07 build from
http://cdimage.debian.org/cdimage/daily-builds/sid_d-i/arch-latest/i386/iso-cd/debian-testing-i386-businesscard.iso
Machine: VMWare Player 1.0.1 build-19317
Memory: 128MB
Partitions:
Filesystem Type 1K-blocks Used Available Use% Mounted on
/dev/sda1 ext3 918322 347392 521934 40% /
tmpfs tmpfs 63580 0 63580 0% /dev/shm
/dev/mapper/crypt0
ext3 44194 4133 37703 10% /home
/dev/mapper/crypt3
ext3 89329 4135 80428 5% /usr/local
tmpfs tmpfs 10240 100 10140 1% /dev
# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
/dev/sda1 / ext3 defaults,errors=remount-ro 0 1
/dev/mapper/crypt0 /home ext3 defaults 0 2
/dev/mapper/crypt1 /opt ext3 defaults 0 2
/dev/mapper/crypt3 /usr/local ext3 defaults 0 2
/dev/mapper/crypt2 none swap sw 0 0
/dev/hdc /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/fd0 /media/floppy0 auto rw,user,noauto 0 0
/etc/crypttab:
crypt0 /dev/sda2 none luks
crypt1 /dev/sda3 none luks
crypt2 /dev/sda5 /dev/random cipher=twofish-cbc-essiv:sha256,size=256,swap
crypt3 /dev/sda6 none luks
cryptsetup status crypt{0,1,2,3}:
/dev/mapper/crypt0 is active:
cipher: aes-cbc-essiv:sha256
keysize: 256 bits
device: /dev/.static/dev/sda2
offset: 2056 sectors
size: 94334 sectors
mode: read/write
/dev/mapper/crypt1 is inactive.
/dev/mapper/crypt2 is active:
cipher: twofish-cbc-essiv:sha256
keysize: 256 bits
device: /dev/.static/dev/sda5
offset: 0 sectors
size: 192717 sectors
mode: read/write
/dev/mapper/crypt3 is active:
cipher: aes-cbc-essiv:sha256
keysize: 256 bits
device: /dev/.static/dev/sda6
offset: 2056 sectors
size: 190661 sectors
mode: read/write
/proc/swaps:
Filename Type Size Used Priority
/dev/mapper/crypt2 partition 96348 0 -1
Initial boot worked: [O]
Configure network HW: [O]
Config network: [O]
Detect CD: [O]
Load installer modules: [O]
Detect hard drives: [O]
Partition hard drives: [O]
Create file systems: [O]
Mount partitions: [O]
Install base system: [O]
Install boot loader: [O]
Reboot: [O]
This install was focused on testing dm-crypt support in
partman-crypto. It was done in german language.
Test (features):
OK /home Passphrase (crypt0, aes-cbc-essiv:sha256, 256 bits)
FAIL /opt Passphrase (crypt1, serpent-cbc, 256 bits)
OK swap Random key (crypt2, twofish-cbc-essiv:sha256, 256 bits)
OK /usr/local Passphrase (crypt3, aes-cbc-essiv:sha256, 256 bits)
Test (sanity-checks):
OK weak passphrase
OK ext3 on random key
OK unencrypted swap before "Configure encrypted volumes"
FAIL unencrypted swap added later on
Usability:
1. It was a little confusing that after I was asked to enter the
passphrases for sda2, sda3 and sda6, there was no apparent way to
"connect" which of those partitions corresponded to which of the
encrypted volumes in the main partman menu. This might be related
to the german language setting: The mountpoint column showed part
of the string "Verschlüsseltes Volume (%s)" (translation for:
"Encrypted volume (%s)"), but the string was cut in the middle of
"Volume" IIRC, so that the part that includes the name of the
actual encrypted device was not visible.
Problems:
2. For the encrypted device crypt1 on /dev/sda3 I entered a
passphrase that included two umlauts. The first odd thing was that
the asterisk usually shown in the passphrase entry field was shown
differently: The asterisk appeared, but the cursor was not advanced
to the next character. I continued through the installation, but
found that entering the same passphrase during boot did not work. I
tried unsetting LANG, calling unicode_start/_stop before running
/etc/init.d/cryptdisks start once the system had booted, but none
of those combinations would accept the original passphrase
("äppelwöi"). This is a little surprising, because S05keymap.sh
runs earlier during boot than S26cryptdisks-early.
The install was successfull apart from the above issues.
cheers,
Max
--- End Message ---
--- Begin Message ---
Source: partman-crypto
Source-Version: 16
We believe that the bug you reported is fixed in the latest version of
partman-crypto, which is due to be installed in the Debian FTP archive:
partman-crypto-dm_16_all.udeb
to pool/main/p/partman-crypto/partman-crypto-dm_16_all.udeb
partman-crypto-loop_16_all.udeb
to pool/main/p/partman-crypto/partman-crypto-loop_16_all.udeb
partman-crypto_16.dsc
to pool/main/p/partman-crypto/partman-crypto_16.dsc
partman-crypto_16.tar.gz
to pool/main/p/partman-crypto/partman-crypto_16.tar.gz
partman-crypto_16_i386.udeb
to pool/main/p/partman-crypto/partman-crypto_16_i386.udeb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 381968@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Max Vozeler <xam@debian.org> (supplier of updated partman-crypto package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 22 Oct 2006 23:49:42 +0200
Source: partman-crypto
Binary: partman-crypto-dm partman-crypto partman-crypto-loop
Architecture: source all i386
Version: 16
Distribution: unstable
Urgency: low
Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
Changed-By: Max Vozeler <xam@debian.org>
Description:
partman-crypto - Add to partman support for block device encryption (udeb)
partman-crypto-dm - Add to partman support for dm-crypt encryption (udeb)
partman-crypto-loop - Add to partman support for loop-AES encryption (udeb)
Closes: 381968 392080 393919
Changes:
partman-crypto (16) unstable; urgency=low
.
[ Frans Pop ]
* crypto_tools.sh: quote variable to avoid syntax error.
* Ask for passphrase and passphrase confirmation in one db_go.
* Change template type for empty passphrase to error.
.
[ Max Vozeler ]
* blockdev-keygen: Kill writer pipes on failure and move the
check for the entropy plugin to the start.
* Show short name of the crypto device in the mountpoint column
of the corresponding partition. Closes: #381968, #393919
.
[ David Härdeman ]
* Remove some hardcoded paths
* Allow safe-swap checks to walk the entire device-mapper tree,
meaning that swap-on-whatever-on-crypto is now ok. Loosely based
on a patch from James Westby <jw+debian@jameswestby.net>.
Closes: #392080
.
[ Updated translations ]
* Belarusian (be.po) by Andrei Darashenka
* Spanish (es.po) by Javier Fernández-Sanguino Peña
* Basque (eu.po) by Piarres Beobide
* Hindi (hi.po) by Nishant Sharma
* Hungarian (hu.po) by SZERVÃ?C Attila
* Icelandic (is.po) by David Steinn Geirsson
* Kurdish (ku.po) by Erdal Ronahi
* Macedonian (mk.po) by Georgi Stanojevski
* Norwegian Bokmål (nb.po) by Bjørn Steensrud
* Nepali (ne.po) by Shiva Prasad Pokharel
* Dutch (nl.po) by Bart Cornelis
* Romanian (ro.po) by Eddy PetriÈ?or
* Russian (ru.po) by Yuri Kozlov
* Albanian (sq.po) by Elian Myftiu
* Swedish (sv.po) by Daniel Nylander
* Tamil (ta.po) by Damodharan Rajalingam
* Vietnamese (vi.po) by Clytie Siddall
* Simplified Chinese (zh_CN.po) by Ming Hua
Files:
9a2a74eb0975f5bccd559106ecd440d3 681 debian-installer standard partman-crypto_16.dsc
3947f2be349cb39b943282fca2edb898 265286 debian-installer standard partman-crypto_16.tar.gz
3ed75a560b855dfb333233f5a6c2d8b0 1388 debian-installer optional partman-crypto-dm_16_all.udeb
dd879e7520c61537ec04080fa3247b59 1224 debian-installer optional partman-crypto-loop_16_all.udeb
d50e5a4b61b25311957ff96bfb915269 218064 debian-installer standard partman-crypto_16_i386.udeb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFO+gZnVvVEbfNotwRAv2bAJ0Uzr3mr5TaEwH/PmemHE6tRvdXEQCgxwuQ
HOdk4m7/vDaibQeYqmNoZqE=
=HzT3
-----END PGP SIGNATURE-----
--- End Message ---