Re: loop-aes in Debian Live

[Daniel Baumann <daniel.baumann@progress-technologies.net>]

On 03/02/2011 06:12 AM, Ben Hutchings wrote:
> I seem to recall that Debian Live used to support using loop-aes for
> persistent storage, and that this is not possible (or difficult) in
> squeeze because of the removal of prebuilt loop-aes modules generated by
> linux-modules-extra.  Is that correct?

having the rootfs encrypted was supported through loop-aes, which is not
possible with squeeze, yes. persistency was done through luks which
should work with squeeze (it's not much tested though).

> Max Vozeler worked on a replacement for loop-aes in the form of a
> compatible cipher mode for dm-crypt; Milan Broz has since polished up
> his changes; and they were accepted into Linux 2.6.38.

nice.

> If there are a substantial number of Debian Live users with loop-aes
> partitions, I think we can justify adding a backport of these changes to
> a point release of the kernel in squeeze.  I don't know what changes
> would be needed outside of the kernel.

would be nice if you could include it, so we can advise people that
build images with encryption to use backports of live-boot (by
automatially including them from live.d.n with lb config -r
live.debian.net), once we've updated live-boot to work with it.

-- 
Address:        Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email:          daniel.baumann@progress-technologies.net
Internet:       http://people.progress-technologies.net/~daniel.baumann/