Re: loop-aes in Debian Live
On 03/02/2011 06:12 AM, Ben Hutchings wrote:
> I seem to recall that Debian Live used to support using loop-aes for
> persistent storage, and that this is not possible (or difficult) in
> squeeze because of the removal of prebuilt loop-aes modules generated by
> linux-modules-extra. Is that correct?
having the rootfs encrypted was supported through loop-aes, which is not
possible with squeeze, yes. persistency was done through luks which
should work with squeeze (it's not much tested though).
> Max Vozeler worked on a replacement for loop-aes in the form of a
> compatible cipher mode for dm-crypt; Milan Broz has since polished up
> his changes; and they were accepted into Linux 2.6.38.
> If there are a substantial number of Debian Live users with loop-aes
> partitions, I think we can justify adding a backport of these changes to
> a point release of the kernel in squeeze. I don't know what changes
> would be needed outside of the kernel.
would be nice if you could include it, so we can advise people that
build images with encryption to use backports of live-boot (by
automatially including them from live.d.n with lb config -r
live.debian.net), once we've updated live-boot to work with it.
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist