[dm-crypt] Required kernel crypto interface not available

Franz 169101 at gmail.com
Fri May 16 01:04:56 CEST 2014


On Thu, May 15, 2014 at 6:46 PM, .. ink .. <mhogomchungu at gmail.com> wrote:

>
>
> On Thu, May 15, 2014 at 5:26 PM, Franz <169101 at gmail.com> wrote:
>
>
>
>> Yes I had already seen this zulucrypt and also tomb
>> http://www.dyne.org/software/tomb/ that seems even more developed that
>> zulucrypt. But for such a critical task I am willing to trust packages like
>> cryptsetup and dm-crypt that are signed, incorporated into main
>> distributions, and certainly checked by many people. But I am unwilling to
>> trust something posted somewhere in internet, unsigned and unchecked.
>>
>> Otherwise better to stay with Truecrypt a little more waiting for things
>> to change.
>>
>> In any case many thanks to all for the kind help
>> Best
>> Franz
>>
>
> Your statement carries with it a logical inconsistece since you use
> TrueCrypt, a product that is developed in secrecy,
> by unknown developers who seem to take extra effort to hide themselves for
> no obvious reasons who
> also seem to just put link to a source code dump online once in a
> while,unchecked and unverified.
>
> Why not switching to LUKS since you already seen to trust cryptsetup?
>
> what advantages does TrueCrypt volumes have in your use case that makes
> you want to stick with its encrypted format?
>
>
>
well you are certainly totally right unfortunately. But truecrypt is at
least still open source and the installation file is signed. Also, it is a
very well known product so I suppose that many people audited the source
code and no big problem ever surfaced. Less important, but still... it is
already installed and working fine in a VM of my computer.

Switching to LUCKS would be very interesting. Qubes already uses LUCKS to
encrypt my disk so every time I start my computer need to put a password
just to uncrypt it. But can LUCKS work on a file container that I can copy
and move? I investigated it time ago and found no way to do it. Is there a
way to do that? Really that would be the solution.

Best
Franz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20140515/2e1c9616/attachment-0001.html>


More information about the dm-crypt mailing list