On Sat, Jul 28, 2012 at 6:31 PM, Heiko Baums <lists@baums-on-web.de> wrote:
Am Sat, 28 Jul 2012 17:46:57 +0200 schrieb Tom Gundersen <teg@jklm.no>:
I think one of them should be in buys and one in bytes. I'm on my phone, so can't check.
If they are directly passed to dd and cryptsetup then not.
With the old syntax the same values are directly passed to dd and cryptsetup. See do_unlock_legacy().
So those values are absolutely correct, because the same values work and have ever worked with the old syntax. So there must be a bug in either the new part of initscripts or in systemd-cryptsetup. And I wouldn't wonder if it's systemd, because I know that my script works.
Heiko
size= is key size, NOT keyfile size. It seems systemd's crypttab currently has no means of specifying keyfile size, so it will always try to read the maximum (up to 8MB according to cryptsetup --help).