Bug#759148: d-i manual: loop-AES no longer supported - update docs

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#759148: d-i manual: loop-AES no longer supported - update docs
From: Holger Wansing <hwansing@mailbox.org>
Date: Sun, 24 Aug 2014 22:19:50 +0200
Message-id: <[🔎] 20140824221950.a75afc2bbf9ff63a6089eab7@mailbox.org>
Reply-to: Holger Wansing <hwansing@mailbox.org>, 759148@bugs.debian.org

Package: installation-guide
Tags: patch


Hi,

In netinst CD Jessie Beta1 there seems to be no support for crypt method
loop-AES. I suspect this is intended.

The d-i manual therefore needs an update.

Patch attached.



Cheers
Holger

-- 
Holger Wansing <hwansing@mailbox.org>

Index: boot-new/mount-encrypted.xml
===================================================================
--- boot-new/mount-encrypted.xml	(Revision 69255)
+++ boot-new/mount-encrypted.xml	(Arbeitskopie)
@@ -8,13 +8,14 @@
 
 If you created encrypted volumes during the installation and assigned
 them mount points, you will be asked to enter the passphrase for each
-of these volumes during the boot. The actual procedure differs
-slightly between dm-crypt and loop-AES.
+of these volumes during the boot.
 
 </para>
 
+<!--
   <sect2 id="mount-dm-crypt">
   <title>dm-crypt</title>
+-->
 
 <para>
 
@@ -68,6 +69,7 @@
 After entering all passphrases the boot should continue as usual.
 
 </para>
+<!-- loop-AES is not supported by the installer at the moment
   </sect2>
 
   <sect2 id="mount-loop-aes">
@@ -98,6 +100,7 @@
 
 </para>
   </sect2>
+-->
 
   <sect2 id="crypto-troubleshooting">
   <title>Troubleshooting</title>
@@ -122,7 +125,10 @@
 
 The easiest case is for encrypted volumes holding data like
 <filename>/home</filename> or <filename>/srv</filename>. You can
-simply mount them manually after the boot. For loop-AES this is
+simply mount them manually after the boot.
+
+<!--
+For loop-AES this is
 a one-step operation:
 
 <informalexample><screen>
@@ -136,8 +142,9 @@
 the passphrase for this volume.
 
 </para><para>
+-->
 
-For dm-crypt this is a bit trickier. First you need to register the
+For dm-crypt this is a bit tricky. First you need to register the
 volumes with <application>device mapper</application> by running:
 
 <informalexample><screen>
Index: using-d-i/modules/partman-crypto.xml
===================================================================
--- using-d-i/modules/partman-crypto.xml	(Revision 69255)
+++ using-d-i/modules/partman-crypto.xml	(Arbeitskopie)
@@ -104,7 +104,7 @@
 </varlistentry>
 
 <varlistentry>
-<term>IV algorithm: <userinput>cbc-essiv:sha256</userinput></term>
+<term>IV algorithm: <userinput>xts-plain64</userinput></term>
 
 <listitem><para>
 
@@ -119,7 +119,7 @@
 </para><para>
 
 From the provided alternatives, the default
-<userinput>cbc-essiv:sha256</userinput> is currently the least
+<userinput>xts-plain64</userinput> is currently the least
 vulnerable to known attacks. Use the other alternatives only when you
 need to ensure compatibility with some previously installed system
 that is not able to use newer algorithms.
@@ -202,8 +202,10 @@
 </varlistentry>
 
 </variablelist>
+</para>
 
-</para><para>
+<!-- loop-AES is not supported by the installer at the moment
+<para>
 
 If you select <menuchoice> <guimenu>Encryption method:</guimenu>
 <guimenuitem>Loopback (loop-AES)</guimenuitem> </menuchoice>, the menu
@@ -264,7 +266,10 @@
 
 Please see the section on erasing data above.
 
-</para></listitem>
+</para>
+-->
+
+</listitem>
 </varlistentry>
 
 </variablelist>
@@ -321,16 +326,12 @@
 
 After returning to the main partitioning menu, you will see all
 encrypted volumes as additional partitions which can be configured in
-the same way as ordinary partitions. The following example shows two
-different volumes. The first one is encrypted via dm-crypt, the second
-one via loop-AES.
+the same way as ordinary partitions. The following example shows a
+volume encrypted via dm-crypt.
 
 <informalexample><screen>
 Encrypted volume (<replaceable>sda2_crypt</replaceable>) - 115.1 GB Linux device-mapper
      #1 115.1 GB  F ext3
-
-Loopback (<replaceable>loop0</replaceable>) - 515.2 MB AES256 keyfile
-     #1 515.2 MB  F ext3
 </screen></informalexample>
 
 Now is the time to assign mount points to the volumes and optionally
@@ -340,7 +341,7 @@
 
 Pay attention to the identifiers in parentheses
 (<replaceable>sda2_crypt</replaceable>
-and <replaceable>loop0</replaceable> in this case) and the mount
+in this case) and the mount
 points you assigned to each encrypted volume. You will need this
 information later when booting the new system. The differences between
 the ordinary boot process and the boot process with encryption involved will

Reply to:

Follow-Ups:
- Bug#759148: d-i manual: loop-AES no longer supported - update docs
  - From: Cyril Brulebois <kibi@debian.org>
- Bug#759148: marked as done (d-i manual: loop-AES no longer supported - update docs)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#758921: debian-installer I18N: "partitioning iSCSI targets" not localized
Next by Date: Bug#758581: debian-installer: FTBFS on armhf/network-console: No library provides non-weak __aeabi_unwind_cpp_pr0
Previous by thread: Bug#751000: Installation in Virtualbox works now with EFI
Next by thread: Bug#759148: d-i manual: loop-AES no longer supported - update docs
Index(es):
- Date
- Thread