# device-mapper without crypt support [solved]

## snIP3r

hi all!

i'm trying to setup an encrypted loop device with dm-crypt with luks (on an AMD64 system with 2.6.20-gentoo-r8 kernel). but i found out that the device mapper has no crypt target:

```

localhost init.d # dmsetup targets

striped          v1.0.2

linear           v1.0.2

error            v1.0.1

```

cause i got an error message when doing this:

```
localhost opt # cryptsetup luksFormat /dev/loop0                                             

WARNING!

========

This will overwrite data on /dev/loop0 irrevocably.

Are you sure? (Type uppercase yes): YES

Enter LUKS passphrase:

Verify passphrase:

Failed to setup dm-crypt key mapping.

Check kernel for support for the aes-cbc-essiv:sha256 cipher spec and verify that /dev/loop0 contains at least 133 sectors.

Failed to write to key storage.

Command failed.

```

this is the message in /var/log/messages:

```

Jul  3 21:28:18 localhost device-mapper: table: 253:0: crypt: unknown target type

Jul  3 21:28:18 localhost device-mapper: ioctl: error adding target to table

Jul  3 21:28:18 localhost device-mapper: ioctl: device doesn't appear to be in the dev hash table.

```

i compiled the kernel with this settings:

```

#

# Multi-device support (RAID and LVM)

#

CONFIG_MD=y

CONFIG_BLK_DEV_MD=y

# CONFIG_MD_LINEAR is not set

# CONFIG_MD_RAID0 is not set

CONFIG_MD_RAID1=y

# CONFIG_MD_RAID10 is not set

CONFIG_MD_RAID456=y

CONFIG_MD_RAID5_RESHAPE=y

CONFIG_MD_MULTIPATH=y

# CONFIG_MD_FAULTY is not set

CONFIG_BLK_DEV_DM=y

# CONFIG_DM_DEBUG is not set

CONFIG_DM_CRYPT=y

# CONFIG_DM_SNAPSHOT is not set

# CONFIG_DM_MIRROR is not set

# CONFIG_DM_ZERO is not set

# CONFIG_DM_MULTIPATH is not set

# CONFIG_BLK_DEV_DM_BBR is not set 

#

# Cryptographic options

#

CONFIG_CRYPTO=y

CONFIG_CRYPTO_ALGAPI=y

CONFIG_CRYPTO_BLKCIPHER=y

CONFIG_CRYPTO_HASH=y

CONFIG_CRYPTO_MANAGER=y

CONFIG_CRYPTO_HMAC=y

CONFIG_CRYPTO_XCBC=y

CONFIG_CRYPTO_NULL=y

CONFIG_CRYPTO_MD4=y

CONFIG_CRYPTO_MD5=y

CONFIG_CRYPTO_SHA1=y

CONFIG_CRYPTO_SHA256=y

CONFIG_CRYPTO_SHA512=y

CONFIG_CRYPTO_WP512=y

CONFIG_CRYPTO_TGR192=y

CONFIG_CRYPTO_GF128MUL=y

CONFIG_CRYPTO_ECB=y

CONFIG_CRYPTO_CBC=y

CONFIG_CRYPTO_LRW=y

CONFIG_CRYPTO_DES=y

CONFIG_CRYPTO_BLOWFISH=y

CONFIG_CRYPTO_TWOFISH=y

CONFIG_CRYPTO_TWOFISH_COMMON=y

CONFIG_CRYPTO_TWOFISH_X86_64=y

CONFIG_CRYPTO_SERPENT=y

CONFIG_CRYPTO_AES=y

CONFIG_CRYPTO_AES_X86_64=y

CONFIG_CRYPTO_CAST5=y

CONFIG_CRYPTO_CAST6=y

CONFIG_CRYPTO_TEA=y

CONFIG_CRYPTO_ARC4=y

CONFIG_CRYPTO_KHAZAD=y

CONFIG_CRYPTO_ANUBIS=y

CONFIG_CRYPTO_DEFLATE=y

CONFIG_CRYPTO_MICHAEL_MIC=y

CONFIG_CRYPTO_CRC32C=y

# CONFIG_CRYPTO_TEST is not set 

```

and i think this should be the settings needed.

can someone tell what to do to get crypt support into the device-mapper???

thx in advance

snIP3r

----------

## Sadako

Please don't be insulted by this, but are you sure you compiled, installed (copied to /boot, configured bootloader) and are running under the kernel you configured with the options you posted above?

If so, what does `cat /proc/crypto` return?

Also, it couldn't hurt to try re-emerging devive-mapper and cryptsetup-luks, although I doubt it'll help.

----------

## snIP3r

 *Hopeless wrote:*   

> Please don't be insulted by this, but are you sure you compiled, installed (copied to /boot, configured bootloader) and are running under the kernel you configured with the options you posted above?
> 
> If so, what does `cat /proc/crypto` return?
> 
> Also, it couldn't hurt to try re-emerging devive-mapper and cryptsetup-luks, although I doubt it'll help.

 

hi hopeless!

thx for your answer! yes i am sure. in the meantime i compiled dm-crypt as a module and now verything works fine. dont know why... but its running now.

but i encountered also problems compiling netfilter into the kernel. switching to modules also fixed thsi issue....

still wondering why this happens.... but i have a brand new running system now   :Very Happy: 

greets

snIP3r

----------

## Phlogiston

I'm having the same problem. Is this (changing the dm_crypto to module) the only change you did compared to the config you posted in your first thread?

----------

## snIP3r

 *Phlogiston wrote:*   

> I'm having the same problem. Is this (changing the dm_crypto to module) the only change you did compared to the config you posted in your first thread?

 

hi!

yes, this was the only change i made. the other necessary modules (encryption modules) are compiled into the kernel.

HTH

snIP3r

----------

## Scytale

I just ran into the same problem. Decreasing the key size to 256 fixed it for me.

----------

