[dm-crypt] Asustor NAS and cryptsetup 1.6.1

Arno Wagner arno at wagner.name
Wed Dec 31 08:26:39 CET 2014

ecryptfs leaks a lot of data like filenames, sizes, modifiaction 
times, etc. These can be critical. For example, sometimes 
file-sizes are misused as "fingerprints".
I would say definitely backwards security-wise, for possibly
some better usability.


On Tue, Dec 30, 2014 at 19:18:38 CET, msalists at gmx.net wrote:
> They are reluctant to give out any details, but are saying that they
> will be releasing a new version of their software in the coming
> weeks that uses ecryptfs instead.
> Is this a step forward or backward (or rather just "sideways")?
> Mark
> On 2014-12-30 02:04, Arno Wagner wrote:
> >On Tue, Dec 30, 2014 at 03:32:58 CET, msalists at gmx.net wrote:
> >>On 2014-12-29 11:29, Quentin Lefebvre wrote:
> >>>On 29/12/2014 20:06, msalists at gmx.net wrote :
> >>>>Assuming I did create the container with aes-cbc-essiv:sha256; would
> >>>>cryptsetup automatically figure out the correct parameters when it is
> >>>>subsequently called without those parameters to mount the container?
> >>>>Or do non-default parameters at creation time require the same
> >>>>non-default parameters again for subsequent mounts?
> >>>As you may have understood, in plain mode, there is no header, so
> >>>no way for cryptsetup to guess the algorithm used. Thus, if it is
> >>>a non-default one, it must be specified also at mount time.
> >>>
> >>Hm, makes sense. Is there some kind of a config file that I could
> >>specify the parameters in, and that would be read prior to using the
> >>defaults - similar to how some parameters for mount can be specified
> >>in /etc/fstab ?
> >Only if the NAS-makers added one. cryptsetup does not have
> >a mechanism for this.
> >
> >Arno
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier

More information about the dm-crypt mailing list