cryptsetup-luks - failed ...

[catfish52]

Hi,
I just followed hnaparsts howto to encrypt my swap dev.
> https://forums.gentoo.org/viewtopic-t-425423-highlight-cryptfs.html

I recompiled the kernel with all the necessary options and added:

swap=crypt-swap
source='/dev/sda3'

to /etc/conf.d/cryptfs.

Now I get this when i restart the box....

* Setting up dm-crypt mappings ...
* dm-crypt map crypt-swap ...
* cryptsetup will be called with : -c aes -h sha1 -d /dev/urandom luksOpen /dev/sda3 crypt-swap
Warning: exhausting read requested, but key file is not a regular file, function might never return.

What did I'm wrong ? Im using kernel 2.6.18 and luks 1.0.4-r1

[lost+found]

Maybe an options line should be added. I'm using this:

[catfish52]

I added the option line and got the same error again.

the strange thing is, that i can create, open and mount crypted partitions by hand, but it fails when I want to start it through init...

should I go back to cryptsetup-luks 1.03 ? which version do you use ?

many thanks in advance !!

[lost+found]

There are a lot of bugs with this package (check bugzilla)...
I'm using cryptsetup-luks-1.0.4-r1 init, but replaced /sbin/cryptsetup with a static binary from http://luks.endorphin.org/dm-crypt myself... (so that's the 1.0.3 version) all because of this bug: https://bugs.gentoo.org/show_bug.cgi?id=144687. I need the 448 key size.

Did you run "revdep-rebuild -p" already... maybe some packages need to be rebuild against a new version of something.

[lost+found]

...there was a change in config recently....
/usr/portage/sys-fs/cryptsetup-luks/cryptsetup-luks-1.0.4-r1.ebuild:

[lost+found]

[catfish52]

I`m at work... will check your suggestions when I'm at back home....

thanks for your quick feedback !!!

[Trois Six]

Hi,

After an upgrade, I had exactly the same problem even if I followed the "readme" inside the file /etc/conf.d/cryptfs

I finally succeeded to crypt my swap with de following parameters in /etc/conf.d/cryptfs :