cryptsetup-deluks icon indicating copy to clipboard operation
cryptsetup-deluks copied to clipboard
verified publisher icon kriswebdev

is LUKS-2 support planned?

Open dimadenisjuk opened this issue 4 years ago β€’ 2 comments

Will you merge your project with modern cryptsetup version? It very difficult to use it without LUKS-2 support! But I can't merge code because don't know how. I only wrote PKGBUILD for ArchLinux and added it to AUR repository (https://aur.archlinux.org/packages/cryptsetup-deluks/).

dimadenisjuk avatar Jun 07 '21 13:06 dimadenisjuk

PKGBUILD file looks like this: #This fork of cryptsetup made by Kriswebdev #Archlinux package contributor is Dimadenisjuk <[email protected]> pkgname=('cryptsetup-deluks') pkgver=0.2BETA pkgrel=3 epoch= pkgdesc="Cryptsetup version with 'Deniable encryption' support" arch=('any') license=('GPL') groups=() #are libjson-c.so and libargon2.so not used? Can I safely delete them from depends? depends=('device-mapper' 'libdevmapper.so' 'openssl' 'popt' 'libutil-linux' 'libuuid.so' 'json-c' 'libjson-c.so' 'argon2' 'libargon2.so') makedepends=('util-linux' 'git') checkdepends=() optdepends=() #fake 12-64 version of libcryptsetup.so needs for package manager work provides=('cryptsetup' 'libcryptsetup.so=12-64' 'cryptsetup-deluks') conflicts=('cryptsetup') replaces=() backup=() options=() install= changelog= source=("git+https://github.com/kriswebdev/cryptsetup-deluks") noextract=() md5sums=('SKIP') validpgpkeys=()

prepare() { cd "$pkgname" }

build() { cd "$pkgname" bash ./autogen.sh # needs to change binary directory from /usr/sbin to /usr/bin sed -i 's/$PATH:\/sbin/$PATH:\/bin/g' configure sed -i 's/$PATH:\/sbin/$PATH:\/bin/g' libtool sed -i 's/${exec_prefix}\/sbin/${exec_prefix}\/bin/g' configure sed -i 's/\/sbin\//\/bin\//g' configure make }

check() { cd "$pkgname" make -k check }`

package() { cd "$pkgname" make DESTDIR="$pkgdir/" install # needs to fix "Failed to start Cryptography Setup for VOLUME" error ln -s $pkgdir/usr/lib/libcryptsetup.so $pkgdir/usr/lib/libcryptsetup.so.12 echo "see https://github.com/kriswebdev/cryptsetup-deluks/wiki/System-encryption for more information." }

dimadenisjuk avatar Jun 07 '21 14:06 dimadenisjuk

Well, development is stopped so there is no plan to merge upstream commits.

I don't see the need to support LUKS2 unless you're using system encryption. DELUKS is just another (encrypted) header format. It is not LUKS1, it is based on LUKS1. cryptsetup-deluks doesn't need to replace cryptsetup unless you're using system encryption.

If you're NOT using system encryption, you can safely compile cryptsetup-deluks to some binary file, for example named cryptd like in the documentation, and run it from the command line to encrypt/decrypt a drive or partition, and it works fine even on recent O.S.

If you're using system encryption, replacing system cryptsetup with the DeLUKS version and replacing grub with the DeLUKS doesn't work on recent O.S. This is required for system encryption.

kriswebdev avatar Jun 10 '21 18:06 kriswebdev