The losetup style of doing encrypted devices is a weak solution and should NOT be used by anyone. People should have migrated to device-mapper's dm-crypt feature which implements a cryptographic layer for devices securely. /etc/{conf,init}.d/crypto-loop should allow for the use of the superior device-mapper crypto layer. Reproducible: Always Steps to Reproduce: 1. 2. 3.
Ah, forgot the background information on cryptoloops. http://lwn.net/Articles/67216/
emerge sys-fs/cryptsetup if you want dm-crypt.
sys-fs/cryptsetup does allow one to create,list,remove crypto mapped devices, but /etc/init.d/crypto-loop gives you a run level interface to automatically manage crypted devices. The two things are very different in nature. Also still /etc/init.d/crypto-loop uses the crypto-loops which have a weak design and should not be used for secure storage of data.
(In reply to comment #3) > sys-fs/cryptsetup does allow one to create,list,remove crypto mapped devices, > but /etc/init.d/crypto-loop gives you a run level interface to automatically > manage crypted devices. Please, at least do some research sufficient to not claim something that is obviously not true - like looking at /lib/rcscripts/addons/dm-crypt-start.sh and /lib/rcscripts/addons/dm-crypt-stop.sh. I'm using cryptsetup and have dm-crypted swap and /tmp automatically created at boot. (In reply to comment #3) > The two things are very different in nature. Also still > /etc/init.d/crypto-loop uses the crypto-loops which have a weak design and > should not be used for secure storage of data. Yeah, the two thing are very different and if you don't like crypto-loop, then don't use it, pretty simple.
