Red Hat Bugzilla – Bug 120487
add cryptsetup to distribution
Last modified: 2014-03-16 22:44:04 EDT
As of kernel 2.6.4, the cryptoloop interface has been deprecated in
favor of using dm-crypt:
From playing with FC2 test2, the only missing piece is Christophe's
cryptsetup program. Please consider adding cryptsetup to FC2.
(In the meantime, I will maintain the necessary RPMs myself, as I
absolutely must have encrypted filesystem support.)
I would really like to have encrypted file system support in Fedora
Core. It has always been on my wishlist for RedHat Linux. It is a
important feature, especially for Notebook users. Mandarake Linux has
this feature for years.
After reading the emails at http://kerneltrap.org/node/view/2433, it
seems the "cryptsetup" script was created as a temporary tool to fill
the gap until a proper tool is created to setup encrypted file system.
Furthermore, FC2 is already at its final phase of development. I can
understand if the Fedora developers choose not to include it in FC2
However, I would really appreciate if the "cryptsetup" script can be
added into the official apt/yum depository as a developement package,
and later possibly in the next release of Fedora Core.
I also would like encrypted file system, it's one of the things I miss
It would be great to find it on next test release.
I really hope some semi-formal support for encrypted filesystems goes
into FC2. In today's world of increased security, how can fedora
*not* have had this for so very long? Waiting again until FC3 would
be frustrating to say the least.
I very strongly encourage you to add encrypted filesystem support to
Fedora Core 2.
In response to Chen Nan in comment 1, please note that the
cryptsetup-0.1 is NOT a script; it is a compiled C program. (It
replaced the old cryptsetup.sh shell script.) You can check this by
pulling my RPMs.
The cryptsetup package is not a temporary solution; it's the preferred
(And unlike the cryptoloop interface in FC2 test2, it actually works. ;)
In response to James Ralston in Comment #5:
Thanks for the info. I did't know that you have created a proper tool
with the same name as the script created by Christophe Saout.
I really hope that it will make it into FC2. :)
I didn't; Christophe Saout created both the shell script and then the
C program which replaced it. (I just packaged the latter.)
The problem is pulling in new libgcrypt at this point, which changes
Is libgcrypt being used by something special (so that it would matter
that the ABI changed between FC2t2 and FC2t3 or FC2 FCS)?
Actually, I checked that first, and as far as I can tell, libgcrypt
isn't being used by *anything*: cryptsetup is that first package that
depends on it.
(Caveat: I haven't finished applying all of the updates I just pulled
down. It's possible that some new package now requires libgcrypt.)
It is important for me to have easy setup of encrypted disks. On FC1,
it even needs a kernel patch.
It seems now just a tool would be enough, but it would be great if it
was just there from the beginning.
Given that I entered "Losetup and util-linux are not crypto aware
(#56698)" into Red Hat's bugzilla late in 2001, I am also very
interested in seeing this resolved in Fedora! I would like to see Red
Hat adopt the standard that emerges from cryptoloop and dm_crypt.
Just tried it with the following rpms from rawhide.
It worked. Thanks.
Excellent! Finally, cryptographic filesystem support out-of-the-box.
I'll bang on this thoroughly in test3.
Since few time I use cryptosetup in FC2 final.
At first it look's working well. But I have much more trouble with
ziped and rar files on the encrypted partition. Many crc-errors make
it impossible to decrompressed the files.
The same files on the non-crypted partition works well.
Any ideas whats happen ?