Ancor Gonzalez Sosa wrote:
On 8/24/21 11:17 AM, Ludwig Nussel wrote:
Ancor Gonzalez Sosa wrote:
On 8/24/21 5:16 AM, Michael Chang wrote:
On Mon, Aug 23, 2021 at 04:20:29PM +0200, Ludwig Nussel wrote:
Michael Chang wrote:
On Mon, Aug 23, 2021 at 03:13:04PM +0200, Ludwig Nussel wrote:
[...]
cryptsetup --type luks1 luksFormat /foo/bar
That's done on purpose due to all the LUKS2 concerns I already linked before.
Oh well that explains why the tests work then. So far I assumed that the responsibility to use defaults that work with the distro were with libcryptsetup and other tools just follow (hence PBKDF2 despite LUKS2).
In that regard, when we asked the SUSE Security Team they didn't sound exactly excited about PBKDF2. See [1].
How come yast even bothers? cryptsetup in openSUSE never used LUKS2 as default so potential problems with it should have never appeared on your radar, right?
[...] Otherwise, if YaST would have just started to create LUKS2 devices due to [4], ignoring all the mentioned considerations above, it would have been YaST's fault. YaST would have been blamed for changing an important security feature in an unnoticed way, for making it easy to create non-bootable setups in so many situations, for not taking the memory usage implications into account, for using a not-so-great encryption algorithm...
Ok, if you voluntarily take the responsibility that makes my life easier :-) So far I thought I can't switch cryptsetup to use upstream defaults as that would break all kinds of things, including installation. If yast passes all known to work parameters anyway that concern is gone. Now the question is whether cryptsetup should then ship with upstream defaults completely (ie LUKS2 and Argon2) and rely on tools that use cryptsetup to know whether that actually works. The other way to look at the situation would be that cryptsetup keeps the defaults that also yast uses. So no matter whether one creates a volume in yast or on the command line it ends up with the same format by default.
[...] All that said, it's maybe time for a first implementation of general LUKS2 support in YaST, but only on an already running system. Not supporting it during installation and/or for any mount point that is needed for booting. We can build from there, as long as Grub also evolves to support more setups.
Would it be possible to have a command line option/env variable to switch the installer default to LUKS2 for testing? That would make it easier for interested parties to try it out without further commitment from yast side. Even some DUD way would be good enough at this point I think. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.com/ SUSE Software Solutions Germany GmbH, GF: Felix Imendörffer HRB 36809 (AG Nürnberg)