Bug#759148: d-i manual: loop-AES no longer supported - update docs

To: 759148@bugs.debian.org
Subject: Bug#759148: d-i manual: loop-AES no longer supported - update docs
From: Holger Wansing <hwansing@mailbox.org>
Date: Sun, 24 Aug 2014 22:27:11 +0200
Message-id: <[🔎] 20140824222711.ff2c523e4917e4e59f6c01e4@mailbox.org>
Reply-to: Holger Wansing <hwansing@mailbox.org>, 759148@bugs.debian.org

I forgot to mention another thing:

the default value for "IV algorithm" under dm-crypt has been changed
from 'cbc-essiv:sha256' to 'xts-plain64'.

This is respected in my patch via this lines:



Index: using-d-i/modules/partman-crypto.xml
===================================================================
--- using-d-i/modules/partman-crypto.xml	(Revision 69255)
+++ using-d-i/modules/partman-crypto.xml	(Arbeitskopie)
@@ -104,7 +104,7 @@
 </varlistentry>
 
 <varlistentry>
-<term>IV algorithm: <userinput>cbc-essiv:sha256</userinput></term>
+<term>IV algorithm: <userinput>xts-plain64</userinput></term>
 
 <listitem><para>
 
@@ -119,7 +119,7 @@
 </para><para>
 
 From the provided alternatives, the default
-<userinput>cbc-essiv:sha256</userinput> is currently the least
+<userinput>xts-plain64</userinput> is currently the least
 vulnerable to known attacks. Use the other alternatives only when you
 need to ensure compatibility with some previously installed system
 that is not able to use newer algorithms.



-- 
Holger Wansing <hwansing@mailbox.org>

Reply to:

Prev by Date: Bug#758581: debian-installer: FTBFS on armhf/network-console: No library provides non-weak __aeabi_unwind_cpp_pr0
Next by Date: Bug#758752: Please enable building for arm64 (and armhf?)
Previous by thread: Bug#759148: marked as done (d-i manual: loop-AES no longer supported - update docs)
Next by thread: Bug#759154: d-i manual: partman no longer supports changing the partition size afterwards
Index(es):
- Date
- Thread