[dm-crypt] cryptsetup 1.2 to 1.6 upgrade

Jose Thomas jostho at gmail.com
Thu Nov 19 14:07:39 CET 2015


Hi,

We are using crypsetup (in plain dmcrypt mode) on RHEL 6.6.

$ cryptsetup --version
cryptsetup 1.2.0

$ cryptsetup --help | tail -3
Default compiled-in device cipher parameters:
    plain: aes-cbc-essiv:sha256, Key: 256 bits, Password hashing: ripemd160
    LUKS1: aes-cbc-essiv:sha256, Key: 256 bits, LUKS header hashing: sha1,
RNG: /dev/urandom

$ cryptsetup status encrypteddata
/dev/mapper/encrypteddata is active and is in use.
  type:  PLAIN
  cipher:  aes-cbc-essiv:sha256
  keysize: 256 bits
  device:  /dev/xvdz
  offset:  0 sectors
  size:    314572800 sectors
  mode:    read/write

I am planning to upgrade to RHEL 7.1 with the same set of keys

$ cryptsetup --version
cryptsetup 1.6.7

$ cryptsetup --help | tail -4
Default compiled-in device cipher parameters:
    loop-AES: aes, Key 256 bits
    plain: aes-cbc-essiv:sha256, Key: 256 bits, Password hashing: ripemd160
    LUKS1: aes-xts-plain64, Key: 256 bits, LUKS header hashing: sha1, RNG:
/dev/urandom

$ ls -l /dev/shm/key.dat
-rw-------. 1 root root 16 Nov 19 05:03 /dev/shm/key.dat

$ cryptsetup create --debug -d /dev/shm/key.dat encrypteddata /dev/xvdz
# cryptsetup 1.6.7 processing "cryptsetup create --debug -d
/dev/shm/key.dat encrypteddata /dev/xvdz"
# Running command open.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating crypt device /dev/xvdz context.
# Trying to open and read device /dev/xvdz with direct-io.
# Initialising device-mapper backend library.
# Timeout set to 0 miliseconds.
# Password retry count set to 3.
# Formatting device /dev/xvdz as type PLAIN.
# Crypto backend (gcrypt 1.5.3) initialized.
# Detected kernel Linux 3.10.0-229.20.1.el7.x86_64 x86_64.
# Activating volume encrypteddata [keyslot -1] using keyfile
/dev/shm/key.dat.
# dm version   OF   [16384] (*1)
# dm versions   OF   [16384] (*1)
# Detected dm-crypt version 1.13.0, dm-ioctl version 4.29.0.
# Device-mapper backend running with UDEV support enabled.
# dm status encrypteddata  OF   [16384] (*1)
# File descriptor passphrase entry requested.
Cannot read requested amount of data.
# Releasing crypt device /dev/xvdz context.
# Releasing device-mapper backend.
# Unlocking memory.
Command failed with code 22: Invalid argument

I am getting this error while running cryptsetup - "Cannot read requested
amount of data." What am i missing here ? I tried to convert the create
command to the new "open" version - but it still does not work for me.

Regards,
Jose
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20151119/f63a48a6/attachment.html>


More information about the dm-crypt mailing list