From 7ba89030c8e539ae9d280f67e1faf3071adc5c78 Mon Sep 17 00:00:00 2001 From: Richard Laager Date: Wed, 17 Apr 2019 18:57:24 -0500 Subject: [PATCH] Debian/Ubuntu: Use AES-256 cryptsetup 2.1.0-1 now uses AES-256. This will be released with Debian Buster and Ubuntu Disco (19.04). Reported-by: Jason Cohen --- Debian-Buster-Encrypted-Root-on-ZFS.md | 4 ++-- Debian-Buster-Root-on-ZFS.md | 4 ++-- Debian-Stretch-Root-on-ZFS.md | 4 ++-- Ubuntu-18.04-Root-on-ZFS.md | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Debian-Buster-Encrypted-Root-on-ZFS.md b/Debian-Buster-Encrypted-Root-on-ZFS.md index c88533e..713a8b3 100644 --- a/Debian-Buster-Encrypted-Root-on-ZFS.md +++ b/Debian-Buster-Encrypted-Root-on-ZFS.md @@ -169,7 +169,7 @@ Choose one of the following options: # zpool create -o ashift=12 \ -O acltype=posixacl -O canmount=off -O compression=lz4 \ -O dnodesize=auto -O normalization=formD -O relatime=on -O xattr=sa \ - -O encryption=aes-128-gcm -O keylocation=prompt -O keyformat=passphrase \ + -O encryption=aes-256-gcm -O keylocation=prompt -O keyformat=passphrase \ -O mountpoint=/ -R /mnt \ rpool /dev/disk/by-id/scsi-SATA_disk1-part4 
@@ -179,7 +179,7 @@ Choose one of the following options: * Setting `relatime=on` is a middle ground between classic POSIX `atime` behavior (with its significant performance impact) and `atime=off` (which provides the best performance by completely disabling atime updates). Since Linux 2.6.30, `relatime` has been the default for other filesystems. See [RedHat's documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/power_management_guide/relatime) for further information. * Setting `xattr=sa` [vastly improves the performance of extended attributes](https://github.com/zfsonlinux/zfs/commit/82a37189aac955c81a59a5ecc3400475adb56355). Inside ZFS, extended attributes are used to implement POSIX ACLs. Extended attributes can also be used by user-space applications. [They are used by some desktop GUI applications.](https://en.wikipedia.org/wiki/Extended_file_attributes#Linux) [They can be used by Samba to store Windows ACLs and DOS attributes; they are required for a Samba Active Directory domain controller.](https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs) Note that [`xattr=sa` is Linux-specific.](http://open-zfs.org/wiki/Platform_code_differences) If you move your `xattr=sa` pool to another OpenZFS implementation besides ZFS-on-Linux, extended attributes will not be readable (though your data will be). If portability of extended attributes is important to you, omit the `-O xattr=sa` above. Even if you do not want `xattr=sa` for the whole pool, it is probably fine to use it for `/var/log`. * Make sure to include the `-part4` portion of the drive path. If you forget that, you are specifying the whole disk, which ZFS will then re-partition, and you will lose the bootloader partition(s). -* ZFS uses `aes-256-ccm` by default. AES-GCM seems to be generally preferred over AES-CCM elsewhere, and is likely faster. 
This HOWTO uses AES-128, which matches the LUKS configuration from previous versions, which was used because it was the LUKS and Ubuntu default. You may wish to adjust this to `aes-256-gcm` or back to `aes-256-ccm`. +* ZFS uses `aes-256-ccm` by default. AES-GCM seems to be generally preferred over AES-CCM elsewhere, and is likely faster. * Your passphrase will likely be the weakest link. Choose wisely. See [section 5 of the cryptsetup FAQ](https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions#5-security-aspects) for guidance. **Hints:** diff --git a/Debian-Buster-Root-on-ZFS.md b/Debian-Buster-Root-on-ZFS.md index 0f95307..f7efe33 100644 --- a/Debian-Buster-Root-on-ZFS.md +++ b/Debian-Buster-Root-on-ZFS.md @@ -145,7 +145,7 @@ Choose one of the following options: 2.4b LUKS: # apt install --yes cryptsetup - # cryptsetup luksFormat -c aes-xts-plain64 -s 256 -h sha256 \ + # cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha256 \ /dev/disk/by-id/scsi-SATA_disk1-part4 # cryptsetup luksOpen /dev/disk/by-id/scsi-SATA_disk1-part4 luks1 # zpool create -o ashift=12 \ 
@@ -160,7 +160,7 @@ Choose one of the following options: * Setting `relatime=on` is a middle ground between classic POSIX `atime` behavior (with its significant performance impact) and `atime=off` (which provides the best performance by completely disabling atime updates). Since Linux 2.6.30, `relatime` has been the default for other filesystems. See [RedHat's documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/power_management_guide/relatime) for further information. * Setting `xattr=sa` [vastly improves the performance of extended attributes](https://github.com/zfsonlinux/zfs/commit/82a37189aac955c81a59a5ecc3400475adb56355). Inside ZFS, extended attributes are used to implement POSIX ACLs. Extended attributes can also be used by user-space applications. [They are used by some desktop GUI applications.](https://en.wikipedia.org/wiki/Extended_file_attributes#Linux) [They can be used by Samba to store Windows ACLs and DOS attributes; they are required for a Samba Active Directory domain controller.](https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs) Note that [`xattr=sa` is Linux-specific.](http://open-zfs.org/wiki/Platform_code_differences) If you move your `xattr=sa` pool to another OpenZFS implementation besides ZFS-on-Linux, extended attributes will not be readable (though your data will be). If portability of extended attributes is important to you, omit the `-O xattr=sa` above. Even if you do not want `xattr=sa` for the whole pool, it is probably fine to use it for `/var/log`. * Make sure to include the `-part4` portion of the drive path. If you forget that, you are specifying the whole disk, which ZFS will then re-partition, and you will lose the bootloader partition(s). -* For LUKS, the key size chosen is 256 bits. However, XTS mode requires two keys, so the LUKS key is split in half. Thus, `-s 256` means AES-128, which is the LUKS and Ubuntu default. +* For LUKS, the key size chosen is 512 bits. 
However, XTS mode requires two keys, so the LUKS key is split in half. Thus, `-s 512` means AES-256. * Your passphrase will likely be the weakest link. Choose wisely. See [section 5 of the cryptsetup FAQ](https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions#5-security-aspects) for guidance. **Hints:** diff --git a/Debian-Stretch-Root-on-ZFS.md b/Debian-Stretch-Root-on-ZFS.md index d1e98bd..46ff9b6 100644 --- a/Debian-Stretch-Root-on-ZFS.md +++ b/Debian-Stretch-Root-on-ZFS.md @@ -146,7 +146,7 @@ Choose one of the following options: 2.4b LUKS: # apt install --yes cryptsetup - # cryptsetup luksFormat -c aes-xts-plain64 -s 256 -h sha256 \ + # cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha256 \ /dev/disk/by-id/scsi-SATA_disk1-part4 # cryptsetup luksOpen /dev/disk/by-id/scsi-SATA_disk1-part4 luks1 # zpool create -o ashift=12 \ 
@@ -161,7 +161,7 @@ Choose one of the following options: * Setting `relatime=on` is a middle ground between classic POSIX `atime` behavior (with its significant performance impact) and `atime=off` (which provides the best performance by completely disabling atime updates). Since Linux 2.6.30, `relatime` has been the default for other filesystems. See [RedHat's documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/power_management_guide/relatime) for further information. * Setting `xattr=sa` [vastly improves the performance of extended attributes](https://github.com/zfsonlinux/zfs/commit/82a37189aac955c81a59a5ecc3400475adb56355). Inside ZFS, extended attributes are used to implement POSIX ACLs. Extended attributes can also be used by user-space applications. [They are used by some desktop GUI applications.](https://en.wikipedia.org/wiki/Extended_file_attributes#Linux) [They can be used by Samba to store Windows ACLs and DOS attributes; they are required for a Samba Active Directory domain controller.](https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs) Note that [`xattr=sa` is Linux-specific.](http://open-zfs.org/wiki/Platform_code_differences) If you move your `xattr=sa` pool to another OpenZFS implementation besides ZFS-on-Linux, extended attributes will not be readable (though your data will be). If portability of extended attributes is important to you, omit the `-O xattr=sa` above. Even if you do not want `xattr=sa` for the whole pool, it is probably fine to use it for `/var/log`. * Make sure to include the `-part4` portion of the drive path. If you forget that, you are specifying the whole disk, which ZFS will then re-partition, and you will lose the bootloader partition(s). -* For LUKS, the key size chosen is 256 bits. However, XTS mode requires two keys, so the LUKS key is split in half. Thus, `-s 256` means AES-128, which is the LUKS and Ubuntu default. +* For LUKS, the key size chosen is 512 bits. 
However, XTS mode requires two keys, so the LUKS key is split in half. Thus, `-s 512` means AES-256. * Your passphrase will likely be the weakest link. Choose wisely. See [section 5 of the cryptsetup FAQ](https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions#5-security-aspects) for guidance. **Hints:** diff --git a/Ubuntu-18.04-Root-on-ZFS.md b/Ubuntu-18.04-Root-on-ZFS.md index 464dc36..c9d83c9 100644 --- a/Ubuntu-18.04-Root-on-ZFS.md +++ b/Ubuntu-18.04-Root-on-ZFS.md @@ -138,7 +138,7 @@ Choose one of the following options: 2.4b LUKS: - # cryptsetup luksFormat -c aes-xts-plain64 -s 256 -h sha256 \ + # cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha256 \ /dev/disk/by-id/scsi-SATA_disk1-part4 # cryptsetup luksOpen /dev/disk/by-id/scsi-SATA_disk1-part4 luks1 # zpool create -o ashift=12 \ 
@@ -153,7 +153,7 @@ Choose one of the following options: * Setting `relatime=on` is a middle ground between classic POSIX `atime` behavior (with its significant performance impact) and `atime=off` (which provides the best performance by completely disabling atime updates). Since Linux 2.6.30, `relatime` has been the default for other filesystems. See [RedHat's documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/power_management_guide/relatime) for further information. * Setting `xattr=sa` [vastly improves the performance of extended attributes](https://github.com/zfsonlinux/zfs/commit/82a37189aac955c81a59a5ecc3400475adb56355). Inside ZFS, extended attributes are used to implement POSIX ACLs. Extended attributes can also be used by user-space applications. [They are used by some desktop GUI applications.](https://en.wikipedia.org/wiki/Extended_file_attributes#Linux) [They can be used by Samba to store Windows ACLs and DOS attributes; they are required for a Samba Active Directory domain controller.](https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs) Note that [`xattr=sa` is Linux-specific.](http://open-zfs.org/wiki/Platform_code_differences) If you move your `xattr=sa` pool to another OpenZFS implementation besides ZFS-on-Linux, extended attributes will not be readable (though your data will be). If portability of extended attributes is important to you, omit the `-O xattr=sa` above. Even if you do not want `xattr=sa` for the whole pool, it is probably fine to use it for `/var/log`. * Make sure to include the `-part4` portion of the drive path. If you forget that, you are specifying the whole disk, which ZFS will then re-partition, and you will lose the bootloader partition(s). -* For LUKS, the key size chosen is 256 bits. However, XTS mode requires two keys, so the LUKS key is split in half. Thus, `-s 256` means AES-128, which is the LUKS and Ubuntu default. +* For LUKS, the key size chosen is 512 bits. 
However, XTS mode requires two keys, so the LUKS key is split in half. Thus, `-s 512` means AES-256. * Your passphrase will likely be the weakest link. Choose wisely. See [section 5 of the cryptsetup FAQ](https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions#5-security-aspects) for guidance. **Hints:**
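Review bot: the first hunk (`Debian-Buster-Encrypted-Root-on-ZFS.md`, `@@ -169`) changes ZFS native encryption from `-O encryption=aes-128-gcm` to `-O encryption=aes-256-gcm`, but the commit message only justifies the change by cryptsetup's new default; the message should say the ZFS variant is bumped to keep the two HOWTOs at the same strength. Since the `encryption` property can only be set when a dataset is created, readers who already built a pool from the older text stay at AES-128 and would have to recreate the pool to pick this up; a sentence saying so would save confusion.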
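Review bot: in the second hunk (`Debian-Buster-Encrypted-Root-on-ZFS.md`, `@@ -179`) the explanatory sentence is dropped entirely, leaving the bullet "ZFS uses `aes-256-ccm` by default. AES-GCM seems to be generally preferred ..." with no statement of why the command above overrides the default with `aes-256-gcm`. Keep a short replacement, e.g. "This HOWTO uses `aes-256-gcm` to match the AES-256 LUKS configuration; you may use `aes-256-ccm` instead.", so the deliberate override is still documented.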
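Review bot: the third hunk (`Debian-Buster-Root-on-ZFS.md`, `@@ -145`) makes `-s 512` explicit on `cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha256`, which on Buster's cryptsetup 2.1.0-1 equals the new default; pinning it is still good because the command then gives the same result on any cryptsetup version. It would help the reader to add a verification step after `luksFormat`, such as running `cryptsetup luksDump` on the partition and checking that the reported key size is 512 bits.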
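Review bot: in the fourth hunk (`Debian-Buster-Root-on-ZFS.md`, `@@ -160`) the new bullet "the key size chosen is 512 bits. However, XTS mode requires two keys, so the LUKS key is split in half. Thus, `-s 512` means AES-256." is correct but the word "However" now reads oddly, since 512 bits no longer needs excusing. Suggest the plainer "XTS uses two keys, so the 512-bit LUKS key is split into two 256-bit AES keys; `-s 512` therefore means AES-256-XTS, which is the cryptsetup 2.1.0 default.", carrying over the default information the old text had.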
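Review bot: the fifth hunk (`Debian-Stretch-Root-on-ZFS.md`, `@@ -146`) applies the same `-s 512` to Stretch, but per the commit message cryptsetup 2.1.0-1 ships only from Buster onward, so on Stretch this is a departure from the distribution default rather than a match to it. The change itself is fine (the flag is explicit, so the older cryptsetup honours it); the text just should not imply parity with the default as the Buster page does.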
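Review bot: in the sixth hunk (`Debian-Stretch-Root-on-ZFS.md`, `@@ -161`) the removed line's clause "which is the LUKS and Ubuntu default" was accurate for Stretch's cryptsetup, and the new bullet silently drops it. Add a sentence noting that 512 bits is larger than Stretch's cryptsetup default of 256 (AES-128) and that the explicit `-s 512` is what makes the difference, so readers comparing against `cryptsetup --help` output are not surprised.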
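Review bot: the seventh hunk (`Ubuntu-18.04-Root-on-ZFS.md`, `@@ -138`) changes `-s 256` to `-s 512` for 18.04, whereas the commit message names Ubuntu Disco (19.04) as the release carrying cryptsetup 2.1.0-1; 18.04 therefore keeps the older default and this hunk is a deliberate strengthening, which the commit message should state. Unrelated but visible in the context: unlike the Debian pages, this block has no `apt install --yes cryptsetup` line before `luksFormat`; if that is intentional because cryptsetup is already present on the 18.04 live environment, a comment to that effect would help.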
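Review bot: in the eighth hunk (`Ubuntu-18.04-Root-on-ZFS.md`, `@@ -153`) the old bullet explained that `-s 256` "is the LUKS and Ubuntu default"; with the new `-s 512` text the HOWTO now diverges from the 18.04 installer's default without saying so. Suggest appending "This is stronger than the Ubuntu 18.04 installer default (AES-128); cryptsetup 2.1.0 and later default to 512 bits." so the reason for the explicit flag is recorded next to the command it describes.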