[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#759148: marked as done (d-i manual: loop-AES no longer supported - update docs)

Your message dated Tue, 26 Aug 2014 21:01:33 +0200
with message-id <20140826210133.769ea98f9b1f9a7f34c361d0@mailbox.org>
and subject line Re: Bug#759148: d-i manual: loop-AES no longer supported - update docs
has caused the Debian Bug report #759148,
regarding d-i manual: loop-AES no longer supported - update docs
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
759148: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759148
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: installation-guide
Tags: patch


Hi,

In netinst CD Jessie Beta1 there seems to be no support for crypt method
loop-AES. I suspect this is intended.

The d-i manual therefore needs an update.

Patch attached.



Cheers
Holger

-- 
Holger Wansing <hwansing@mailbox.org>

Index: boot-new/mount-encrypted.xml
===================================================================
--- boot-new/mount-encrypted.xml	(Revision 69255)
+++ boot-new/mount-encrypted.xml	(Arbeitskopie)
@@ -8,13 +8,14 @@
 
 If you created encrypted volumes during the installation and assigned
 them mount points, you will be asked to enter the passphrase for each
-of these volumes during the boot. The actual procedure differs
-slightly between dm-crypt and loop-AES.
+of these volumes during the boot.
 
 </para>
 
+<!--
   <sect2 id="mount-dm-crypt">
   <title>dm-crypt</title>
+-->
 
 <para>
 
@@ -68,6 +69,7 @@
 After entering all passphrases the boot should continue as usual.
 
 </para>
+<!-- loop-AES is not supported by the installer at the moment
   </sect2>
 
   <sect2 id="mount-loop-aes">
@@ -98,6 +100,7 @@
 
 </para>
   </sect2>
+-->
 
   <sect2 id="crypto-troubleshooting">
   <title>Troubleshooting</title>
@@ -122,7 +125,10 @@
 
 The easiest case is for encrypted volumes holding data like
 <filename>/home</filename> or <filename>/srv</filename>. You can
-simply mount them manually after the boot. For loop-AES this is
+simply mount them manually after the boot.
+
+<!--
+For loop-AES this is
 a one-step operation:
 
 <informalexample><screen>
@@ -136,8 +142,9 @@
 the passphrase for this volume.
 
 </para><para>
+-->
 
-For dm-crypt this is a bit trickier. First you need to register the
+For dm-crypt this is a bit tricky. First you need to register the
 volumes with <application>device mapper</application> by running:
 
 <informalexample><screen>
Index: using-d-i/modules/partman-crypto.xml
===================================================================
--- using-d-i/modules/partman-crypto.xml	(Revision 69255)
+++ using-d-i/modules/partman-crypto.xml	(Arbeitskopie)
@@ -104,7 +104,7 @@
 </varlistentry>
 
 <varlistentry>
-<term>IV algorithm: <userinput>cbc-essiv:sha256</userinput></term>
+<term>IV algorithm: <userinput>xts-plain64</userinput></term>
 
 <listitem><para>
 
@@ -119,7 +119,7 @@
 </para><para>
 
 From the provided alternatives, the default
-<userinput>cbc-essiv:sha256</userinput> is currently the least
+<userinput>xts-plain64</userinput> is currently the least
 vulnerable to known attacks. Use the other alternatives only when you
 need to ensure compatibility with some previously installed system
 that is not able to use newer algorithms.
@@ -202,8 +202,10 @@
 </varlistentry>
 
 </variablelist>
+</para>
 
-</para><para>
+<!-- loop-AES is not supported by the installer at the moment
+<para>
 
 If you select <menuchoice> <guimenu>Encryption method:</guimenu>
 <guimenuitem>Loopback (loop-AES)</guimenuitem> </menuchoice>, the menu
@@ -264,7 +266,10 @@
 
 Please see the section on erasing data above.
 
-</para></listitem>
+</para>
+-->
+
+</listitem>
 </varlistentry>
 
 </variablelist>
@@ -321,16 +326,12 @@
 
 After returning to the main partitioning menu, you will see all
 encrypted volumes as additional partitions which can be configured in
-the same way as ordinary partitions. The following example shows two
-different volumes. The first one is encrypted via dm-crypt, the second
-one via loop-AES.
+the same way as ordinary partitions. The following example shows a
+volume encrypted via dm-crypt.
 
 <informalexample><screen>
 Encrypted volume (<replaceable>sda2_crypt</replaceable>) - 115.1 GB Linux device-mapper
      #1 115.1 GB  F ext3
-
-Loopback (<replaceable>loop0</replaceable>) - 515.2 MB AES256 keyfile
-     #1 515.2 MB  F ext3
 </screen></informalexample>
 
 Now is the time to assign mount points to the volumes and optionally
@@ -340,7 +341,7 @@
 
 Pay attention to the identifiers in parentheses
 (<replaceable>sda2_crypt</replaceable>
-and <replaceable>loop0</replaceable> in this case) and the mount
+in this case) and the mount
 points you assigned to each encrypted volume. You will need this
 information later when booting the new system. The differences between
 the ordinary boot process and the boot process with encryption involved will

--- End Message ---
--- Begin Message --- 
Hi,

Cyril Brulebois <kibi@debian.org> wrote:
> Holger Wansing <hwansing@mailbox.org> (2014-08-25):
> > That would probably mean, I could remove the loop-AES paragraphs
> > instead of commenting them.
> 
> That would look good to me, unless I missed something.

Applied.

Closing this bug.


-- 
Holger Wansing <hwansing@mailbox.org>

--- End Message ---
Reply to: