[dm-crypt] Required kernel crypto interface not available

Franz 169101 at gmail.com
Fri May 16 15:13:23 CEST 2014

On Fri, May 16, 2014 at 12:00 AM, .. ink .. <mhogomchungu at gmail.com> wrote:

> On Thu, May 15, 2014 at 9:58 PM, Franz <169101 at gmail.com> wrote:
>> Wow it works!! I cannot believe it was that easy. Also I was able to
>> create a container called only test, without the .img extension to hidden
>> the file among other files. Many thanks INK you are great!
> You should know that LUKS header volume is partially open and hence its
> readily obvious the volume is a LUKS volume
> and hence you arent hiding that much if anything. If you want to use LUKS
> while hiding the header, create the
> volume with a detached header,info on how to do so is here:
> https://code.google.com/p/cryptsetup/wiki/Cryptsetup140
I do not get clearly the advantage of having the header separated from the
container. If I have header and container together, you tell that anybody
can easily find this is a LUKS container. They cannot open it but they know
there is something hidden.

But isn't the same happening if container and header are separated? I
suppose that as well they can easily find the header (OR NOT?). They cannot
open the container, but they know there is something hidden. Yes they do
not know WHERE it is hidden in this case, but how important is this if in
any case they cannot open it?

> Alternative to have a completely hidden volume while not using a detached
> header is to create a plain dm-crypt volume using cryptsetup.
> And to make a 200 MB container?
> That will be
> dd if=/dev/urandom of=volume bs=1024 count=200000
> The formula is simple,volume size = block size(bs) * count
> Just start with bs =1024 and read for yourself "one kilo byte".
> Then have "count=2" and then read for yourself "two kilo bytes" because
> now you will have bs=1024 count=2
> and both amounts to 2048(two kilobytes)
> From the above just start adding "zeros" to count while saying:
> "twenty kilobytes"
> "two hunded kilobytes"
> "two megabytes"
> "twenty megabytes"
> "two hundred megabytes"
> and stop when you have reached the desired size,get the idea? This is the
> thinking i usually use when creating image files using "dd" command.
> Well many thanks indeed INK good night
> You are welcome. If i can introduce myself to you, i am the developer of
> zuluCrypt. I started the project because i did not want
> to use TrueCrypt simply because it didnt feel like a linux native solution
> and using cryptsetup from the terminal got really annoying really fast.I
> should also say i am not a cryptsetup developer, i just hang out here to
> keep track of a project i depend on.
> With crypsetup,you can manage 3 different volumes, TrueCrypt volumes,LUKS
> volumes and PLAIN volumes.Each has a pro and associated cons. I wrote a
> "simple" comparison btw them in an article about zuluCrypt in the may issue
> of pclinuxos magazine,you can read the online version of the article here:
> http://pclosmag.com/html/Issues/201405/page10.html

Very interesting INK, and clear. Now I am sorry wrote did not trust
zuluCrypt. These mail lists are dangerous: you never know who you are
speaking with :-). Trust is the weak and strong point. I am getting older
and cannot tell how many times my trust was misplaced with bad
consequences, but at the same time all the best things I accomplished in
life  were based on trust. So...

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20140516/25aaaa84/attachment-0001.html>

More information about the dm-crypt mailing list