-1

I know there is a way to do it, but I don't know how to do it: the default backend for LUKS is libgcrypt and I want to test it with the openssl cryptographic library.

I was told that there is a configuration file to edit but I didn't find it.

UPDATE:

On most distros the option --with-crypto_backend=openssl won't compile without installing libssl-dev (signaled as dependence) AND pkg-config (NOT signaled).

refex
  • 351
  • 3
  • 11

1 Answers1

2

This is a compile-time option, not a run-time option. If you run ./configure --help on the cryptsetup source code, it'll reveal that --with-crypto_backend=openssl will do what you want.

Mark
  • 34,390
  • 9
  • 85
  • 134
  • I have to correct me: I could compile with openssl, but comparing the values of the iteration count for the passhprase, there is no difference between openssl and libgcrypt. And this appear strange to me. I tested it on arch, Debian Jessie, Ubuntu 15.01, Lubuntu 15.01. On arch I can see a 50% positive difference for openssl. It seems like it is not using a different backend – refex Jan 17 '16 at 14:31
  • If you're trying to replace your distro's `cryptsetup` with a custom-built one, you need to make sure you're running the one you think you are. This varies a bit from distro to distro, and is beyond the scope of infosec.se. – Mark Jan 17 '16 at 20:01