Re: crypto and fsck guys.

Ernst Molitor (ernst@mibi02.meb.uni-bonn.de)
Mon, 18 Oct 1999 15:23:51 +0200 (CEST)


Hi,

>A friend of mine tried once to make backups of an encrypted filesystem.
>That looked easy: just put on a tape/zip/whatever the file containing the
>encrypted filesystem. He found out however that that was not doable: each
>block of data is encrypted using a seed which is the __absolute__ block
>number of the underlying filesystem, where it should be the block number
>__relative__ to the beginning of the file containing the encrypted
>filesystem. The consequence is that if you try to restore a backup (or
>simply if you try to copy the encrypted filesystem), you obtain something
>which cannot be decrypted as the block numbers have changed since the
>encryption.

>From the current .../linux/Documentation/crypto/ChangeLog (after
applying the Linux-int patch):

: * International kernel patch 2.2.10.4 released.
:
: * Added new config option for using relative block numbers instead
: of absolute ones when calling the loop block device's transfer
: function. This should fix the #1 issue with using loopback crypto
: filesystems.

Regards,

Ernst

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/