(In reply to Andrei Borzenkov from comment #5) > I suppose there won't be much harm in doing it, but let's wait for Michael. Yes. Let's do it. Currently adding AES+SHA1 support should be suffice imho, because that's set-up by YaST directly. Any other crypto support beyond that can be treated as (future) feature request as we may disagree to maintain that much ways for doing the same thing. So please go ahead and submit your fix. Thanks. :)