... | @@ -21,13 +21,12 @@ block integrity kernel module. |
... | @@ -21,13 +21,12 @@ block integrity kernel module. |
|
|
|
|
|
LUKS Design
|
|
LUKS Design
|
|
-----------
|
|
-----------
|
|
**LUKS** is the standard for Linux disk encryption. By providing a standard on-disk format,
|
|
**LUKS** is the standard for Linux disk encryption. By providing a standardized on-disk format,
|
|
it does not only facilitate compatibility among distributions, but also provides secure management
|
|
it not only facilitate compatibility among distributions, but also enables secure management
|
|
of multiple user passwords. LUKS stores all necessary setup information in the partition header,
|
|
of multiple user passwords. LUKS stores all necessary setup information in the partition header,
|
|
enabling to transport or migrate data seamlessly.
|
|
which enables users to transport or migrate data seamlessly.
|
|
|
|
|
|
### Specification and documentation
|
|
### Specification and documentation
|
|
|
|
|
|
* The latest version of the
|
|
* The latest version of the
|
|
[LUKS2 format specification](https://gitlab.com/cryptsetup/LUKS2-docs).
|
|
[LUKS2 format specification](https://gitlab.com/cryptsetup/LUKS2-docs).
|
|
* The latest version of the
|
|
* The latest version of the
|
... | @@ -37,7 +36,7 @@ enabling to transport or migrate data seamlessly. |
... | @@ -37,7 +36,7 @@ enabling to transport or migrate data seamlessly. |
|
|
|
|
|
Download
|
|
Download
|
|
--------
|
|
--------
|
|
All release tarballs and release notes are hosted on
|
|
Release notes and tarballs are available at
|
|
[kernel.org](https://www.kernel.org/pub/linux/utils/cryptsetup/).
|
|
[kernel.org](https://www.kernel.org/pub/linux/utils/cryptsetup/).
|
|
|
|
|
|
**The latest stable cryptsetup release version is 2.6.1**
|
|
**The latest stable cryptsetup release version is 2.6.1**
|
... | @@ -56,27 +55,24 @@ Previous versions |
... | @@ -56,27 +55,24 @@ Previous versions |
|
|
|
|
|
Source and API documentation
|
|
Source and API documentation
|
|
----------------------------
|
|
----------------------------
|
|
For development version code, please refer to
|
|
For development version code, please refer to the
|
|
[source](https://gitlab.com/cryptsetup/cryptsetup/tree/master) page,
|
|
[source](https://gitlab.com/cryptsetup/cryptsetup/tree/master) page, with mirrors
|
|
mirror on [kernel.org](https://git.kernel.org/cgit/utils/cryptsetup/cryptsetup.git/) or
|
|
at [kernel.org](https://git.kernel.org/cgit/utils/cryptsetup/cryptsetup.git/) and
|
|
[GitHub](https://github.com/mbroz/cryptsetup).
|
|
[GitHub](https://github.com/mbroz/cryptsetup).
|
|
|
|
|
|
For libcryptsetup documentation see
|
|
For libcryptsetup documentation see
|
|
[libcryptsetup API](https://mbroz.fedorapeople.org/libcryptsetup_API/) page.
|
|
[libcryptsetup API](https://mbroz.fedorapeople.org/libcryptsetup_API/) page.
|
|
|
|
|
|
The libcryptsetup API/ABI changes are tracked in
|
|
|
|
[compatibility report](https://abi-laboratory.pro/tracker/timeline/cryptsetup/).
|
|
|
|
|
|
|
|
NLS PO files are maintained by
|
|
NLS PO files are maintained by
|
|
[TranslationProject](https://translationproject.org/domain/cryptsetup.html).
|
|
[TranslationProject](https://translationproject.org/domain/cryptsetup.html).
|
|
|
|
|
|
Required packages
|
|
Required packages
|
|
-----------------
|
|
-----------------
|
|
All distributions provide cryptsetup as distro package. If you need to compile cryptsetup yourself,
|
|
All major Linux distributions provide cryptsetup as a bundled package. If you need
|
|
some packages are required for compilation.
|
|
to compile cryptsetup yourself, various additional packages are required.
|
|
Please always prefer distro specific build tools to manually configuring cryptsetup.
|
|
Any distribution-specific build tools are preferred when manually configuring cryptsetup.
|
|
|
|
|
|
Here is the list of packages needed for the compilation of project for particular distributions:
|
|
Below are the packages needed to build for certain Linux distributions:
|
|
|
|
|
|
**For Fedora**:
|
|
**For Fedora**:
|
|
```
|
|
```
|
... | @@ -102,47 +98,48 @@ To run the internal testsuite (make check) you also need to install |
... | @@ -102,47 +98,48 @@ To run the internal testsuite (make check) you also need to install |
|
sharutils dmsetup jq xxd expect keyutils netcat passwd openssh-client sshpass
|
|
sharutils dmsetup jq xxd expect keyutils netcat passwd openssh-client sshpass
|
|
```
|
|
```
|
|
|
|
|
|
Note that the list could change as the distributions evolve.
|
|
Note that the list may change as Linux distributions evolve.
|
|
|
|
|
|
Compilation
|
|
Compilation
|
|
-----------
|
|
-----------
|
|
The cryptsetup project uses **automake** and **autoconf** system to generate all needed files
|
|
The cryptsetup project uses **automake** and **autoconf** system to generate all files needed to build.
|
|
for compilation. If you check it from the git snapshot, use **./autogen.sh && ./configure && make**
|
|
When building from a git snapshot,, use **./autogen.sh && ./configure && make**
|
|
to compile the project. If you use downloaded released **tar.xz** archive, the configure script
|
|
to compile the project. When building from a release **tar.xz** tarball, the configure script
|
|
is already pre-generated (no need to run **autoconf.sh**).
|
|
is pre-generated (no need to run **autoconf.sh**).
|
|
See **./configure --help** and use **--disable-[feature]** and **--enable-[feature]** options.
|
|
See **./configure --help** and use the **--disable-[feature]** and **--enable-[feature]** options.
|
|
|
|
|
|
For running the test suite that come with the project, type **make check**.
|
|
To run the test suite that come with the project, type **make check**.
|
|
Note that most tests will need root user privileges and run many dangerous storage fail simulations.
|
|
Note that most tests will need root user privileges and will run dangerous storage failure simulations.
|
|
Do **not** run tests with root privilege on production systems! Some tests will need scsi_debug
|
|
Do **not** run tests with root privilege on production systems! Some tests will need the **scsi_debug**
|
|
kernel module to be available.
|
|
kernel module to be installed.
|
|
|
|
|
|
For more details, please refer to [automake](https://www.gnu.org/software/automake/manual/automake.html)
|
|
For more details, please refer to the
|
|
and [autoconf](https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf.html) manuals.
|
|
[automake](https://www.gnu.org/software/automake/manual/automake.html) and
|
|
|
|
[autoconf](https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf.html) documentation.
|
|
|
|
|
|
Help!
|
|
Help!
|
|
-----
|
|
-----
|
|
### Documentation
|
|
### Documentation
|
|
Please read the following documentation before posting questions in the mailing list...
|
|
Please read the following before posting questions to the mailing list so that
|
|
You will be able to ask better questions and better understand the answers.
|
|
you can ask better questions and better understand answers.
|
|
|
|
|
|
* [Frequently asked questions (FAQ)](https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions),
|
|
* [Frequently asked questions (FAQ)](https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions),
|
|
* [LUKS Specifications](#specification-and-documentation), and
|
|
* [LUKS Specifications](#specification-and-documentation), and
|
|
* manuals (aka man page, man pages, man-page)
|
|
* manuals (aka man page, man pages, man-page)
|
|
|
|
|
|
The FAQ is online and in the source code for the project. The Specifications are referenced above
|
|
The FAQ is available online and in the source code for the project. The specifications are
|
|
in this document. The man pages are in source and should be available after installation using
|
|
referenced above in this document. The man pages live within the source tree and should be
|
|
standard man commands, e.g. **man cryptsetup**.
|
|
available after installation using standard man commands, e.g. **man cryptsetup**.
|
|
|
|
|
|
### Mailing List
|
|
### Mailing List
|
|
|
|
|
|
For cryptsetup and LUKS related questions, please use the cryptsetup mailing list
|
|
For cryptsetup and LUKS related questions, please use the cryptsetup mailing list
|
|
[cryptsetup@lists.linux.dev](mailto:cryptsetup@lists.linux.dev),
|
|
[cryptsetup@lists.linux.dev](mailto:cryptsetup@lists.linux.dev),
|
|
hosted at [kernel.org subspace](https://subspace.kernel.org/lists.linux.dev.html).
|
|
hosted at [kernel.org subspace](https://subspace.kernel.org/lists.linux.dev.html).
|
|
To subscribe send an empty mail to
|
|
To subscribe send an empty email message to
|
|
[cryptsetup+subscribe@lists.linux.dev](mailto:cryptsetup+subscribe@lists.linux.dev).
|
|
[cryptsetup+subscribe@lists.linux.dev](mailto:cryptsetup+subscribe@lists.linux.dev).
|
|
|
|
|
|
You can also browse and/or search the mailing [list archive](https://lore.kernel.org/cryptsetup/).
|
|
You can also browse and/or search the mailing [list archive](https://lore.kernel.org/cryptsetup/).
|
|
News (NNTP), Atom feed and git access to public inbox is available through [lore.kernel.org](https://lore.kernel.org) service.
|
|
USEnet News (NNTP), Atom feed and git access to the public inbox is available through
|
|
|
|
[lore.kernel.org](https://lore.kernel.org) service.
|
|
|
|
|
|
The former dm-crypt [list archive](https://lore.kernel.org/dm-crypt/) is also available. |
|
The former **dm-crypt** [list archive](https://lore.kernel.org/dm-crypt/) is also available. |