Google Git
Sign in
kernel / pub / scm / utils / cryptsetup / cryptsetup / 3c2135b36bbc52d052e4ced7c94dc4981eb07a53
commit3c2135b36bbc52d052e4ced7c94dc4981eb07a53[log] [tgz]
authorMilan Broz <gmazyland@gmail.com>Fri Apr 21 08:16:14 2017 +0200
committerMilan Broz <gmazyland@gmail.com>Fri Apr 21 08:22:29 2017 +0200
treedcf67e795d5822fe35e9c66bbb504352a660135a
parentaad597b987d1214085f0da4f955ebb64e8ddb82c [diff]
Fix luksFormat if running in FIPS mode on recent kernel.

Recently introduced check for weak keys for XTS mode makes
zeroed key for algorithm check unusable.

Use random key for the test instead.
1 file changed
tree: dcf67e795d5822fe35e9c66bbb504352a660135a
  1. docs/
  2. lib/
  3. man/
  4. misc/
  5. po/
  6. python/
  7. src/
  8. tests/
  9. .gitignore
  10. ABOUT-NLS
  11. AUTHORS
  12. autogen.sh
  13. ChangeLog
  14. configure.ac
  15. COPYING
  16. COPYING.LGPL
  17. FAQ
  18. INSTALL
  19. Makefile.am
  20. NEWS
  21. README
  22. README.md
  23. TODO
README.md

LUKS logo

What the ...?

Cryptsetup is utility used to conveniently setup disk encryption based on DMCrypt kernel module.

These include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt (including VeraCrypt extension) format.

Project also includes veritysetup utility used to conveniently setup DMVerity block integrity checking kernel module.

LUKS Design

LUKS is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it does not
only facilitate compatibility among distributions, but also provides secure management of multiple user passwords.
In contrast to existing solution, LUKS stores all setup necessary setup information in the partition header,
enabling the user to transport or migrate his data seamlessly.

Last version of the LUKS format specification is available here.

Why LUKS?

  • compatiblity via standardization,
  • secure against low entropy attacks,
  • support for multiple keys,
  • effective passphrase revocation,
  • free.

Project home page.

CVE-2016-4484 (Initrd root shell)

This is problem in intramfs scripts only (these are not part of cryptsetup project), it is neiter bug in cryptsetup nor in LUKS.
Some distributions could add these scripts to distributed package, please check your distro updates for more info.

Frequently asked questions (FAQ)

Download

All release tarballs and release notes are hosted on kernel.org.

The latest cryptsetup version is 1.7.4

Previous versions

Source and API docs

For development version code, please refer to source page, mirror on kernel.org or GitHub.

For libcryptsetup documentation see libcryptsetup API page.

The libcryptsetup API/ABI changes are tracked in compatibility report.

NLS PO files are maintained by TranslationProject.

Help!

Please always read FAQ first. For cryptsetup and LUKS related questions, please use the dm-crypt mailing list, dm-crypt@saout.de.

If you want to subscribe just send an empty mail to dm-crypt-subscribe@saout.de.

You can also browse list archive or read it through web interface.