problems mounting an encrypted Knoppix.img file

g4j

I'm trying to mount an encrypted Knoppix home file under Gentoo. I've found two different websites that have the (generic) command structure to do this. But whenever I try it, I get an invalid argument message.

g4j · Posted: Tue Jun 20, 2006 5:24 pm Post subject:

Any assistance would be appreciated.

idella4 · Posted: Wed Jun 21, 2006 7:53 am Post subject:

g4j
let s see if we can get you started.
The error message seems to give the answer.
There are two technical points that success apparently depends upon;
key length. 256 is either required length of length given and is wrong.
of
the right cipher.
I've just recently configure a kernel again. There is a list of ciphers about a dozen or more in length.
My best guess is the required cipher has not been incorporated in the compile of the kernel you are using.
What I cannot tell is the required cipher for the knoppix file.
My best guess is the kernel has it, but it needs to be incorporated.
First determine required cipher.
go to /usr/src/linux-gentoo-version.
run
make menuconfig

and review or adjust the kernel accordingly.

try it out and post a result.
_________________
idella4@aus

g4j · Posted: Fri Jun 23, 2006 1:43 pm Post subject:

Thanks idella4. AES is compiled into the kernel. I've tried it with both AES and AES(i586) but neither one works. I've also tried the commands specifying a different key size; 128 since that's what seems to sometimes be requested in the error message, but that fails with the same error, as does not specifying any size at all.

I can only guess that there is something about the way AES is compiled that is rejecting the required/specified key length.

I know that Knoppix uses AES256. Why the error message is sometimes comming back with 128 is a mystery.

idella4 · Posted: Fri Jun 23, 2006 3:33 pm Post subject:

gfj

yes I follow.
I don ´t have slap down answer, but some thoughts.
At the risk of saying the suggested code is wrong, the more I look at that line, the more I wonder about the arguements.
We have mount mingled with encryption. It is clear your kernel is equipped with the cipher type.
Encryption encrypts by use of the key; public or private.
You almost certainly have keytool on your system
Look at (peruse)
man keytool. though it does go on about too many areas.

The line you are using to me seems underdone.
Where is the KEY mentioned?
To encrypt, you generate a key, then use it on the data.
To unencrypt, you call upon the key to do the unencrypting.
It could explain the error message in some ways.
You know what error messages are like; they almost always miss the cause.

You are trying something I haven´t tried!.
hope it helps.
_________________
idella4@aus

g4j · Posted: Fri Jun 23, 2006 3:39 pm Post subject:

In this case, the Key is a passphrase which is entered at the prompt (as opposed to a key certificate of some sort). If I mis-enter the passphrase, I receive an error message telling me so. So it seems that the error is being generated after the validity of the key (passphrase) is tested.