LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for June 20, 2013

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Cryptoloop does the hokey-cokey?

Cryptoloop does the hokey-cokey?

Posted Jul 29, 2004 7:30 UTC (Thu) by nix (subscriber, #2304)
In reply to: Cryptoloop does the hokey-cokey? by tgb
Parent article: Another look at the new development model

Cryptoloop *in the device mapper* is new.

Encrypted loopback devices (implemented by cryptoloop outside the device mapper) are very old: I remember them from the 2.0 days, and they may predate that.

One question: if cryptoloop is going away, what's replacing it? Is the CryptoAPI there for no reason, or is there some new magical way to encrypt filesystems that I've overlooked?

(Log in to post comments)

Cryptoloop does the hokey-cokey?

Posted Jul 29, 2004 9:37 UTC (Thu) by james (subscriber, #1325) [Link]

As I understand it, the replacement is dm-crypt: doing cryptography through DM.

The old cryptoloop support is allegedly "buggy, unmaintained, and reportedly has mutliple [sic] security weaknesses," and the kernel crew feel that vulnerable encrypted filesystem support is worse than no support at all: at least if there's no support, people know their data is vulnerable...

James.

Cryptoloop does the hokey-cokey?

Posted Jul 29, 2004 22:23 UTC (Thu) by Ross (subscriber, #4065) [Link]

You can use DM to encrypt a device and loopback block driver to create the
device from a file. So you end up using two tools instead of one but it
works.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds