Deprecate vnconfig encryption (was: Re: Replace Blowfish with AES in vnode disk driver)
On Wed, Sep 17, 2025 at 03:02:16PM +0100, Crystal Kolipe wrote:
> On Wed, Sep 17, 2025 at 03:44:44PM +0200, Jeremie Courreges-Anglas wrote:
> > On Wed, Sep 17, 2025 at 02:27:35PM +0100, Crystal Kolipe wrote:
> > > There is at least one use case where softraid crypto is NOT currently a
> > > workable alternative.
> > >
> > > If you have a read-only device with a vnd encrypted image on it, you can
> > > happily mount and use it. Currently, softraid crypto does not support
> > > read-only devices.
> > >
> > > I actually posted patches to -tech to add support for that, so if you want to
> > > remove vnd encryption support and push people to softraid crypto, at least the
> > > code has been written and tested. But it's not in cvs, so such existing users
> > > of vnd crypto would be left without a migration path if you push forward with
> > > its removal.
> >
> > I understand you'd like your softraid patch to be considered,
>
> Just to confirm, I'm not using this as a vehicle to get my code committed,
> it's in use on various machines I manage, and solves the issue there, which is
> what does matter to me.
>
> > but I
> > doubt that the use case you mention prevents the removal of vnconfig
> > encryption support.
>
> But you've barely given anyone chance to notice or respond.
>
> This thread started _yesterday_, and based on just two tentative replies
> you're saying that a consensus has been reached?

What I said:

>> It seems we all agree that these options should be removed, so ok for
>> the diff below?

The diff adds a louder warning at runtime and in the manpage. It doesn't
remove any code.

> It took me five seconds to find a use case that you and the others in the
> thread had overlooked.

Your use case simply doesn't look as important to me as it does to you.

> Can we be sure that there are not more?

I like to think of myself as a skepticist. Still, there has to be a way
to make progress.

> > Do you actually use vnconfig encryption?
>
> I have used it in the past, including on WORM optical media. I doubt that
> I'll ever need to read an old encrypted vnd image, but if I did then I
> could easily write a stand-alone decoder.
>
> Honestly, I would also like to see vnd encryption removed.
>
> But I do think that 24 hours and just two vague offers of support is very
> little to conclude that a feature is ready for removal. Especially when
> the proposed alternative is known to not be a complete replacement.

So you're not currently using legacy vnconfig encryption, you're not
proposing a diff to add a better encryption scheme, yet you're arguing
for us to keep these features. I would argue that you're not being very
helpful here.

See this gem I just found when looking at when the initial message was
introduced:

revision 1.15
date: 2014/05/30 16:14:19; author: tedu; state: Exp; lines: +5 -1;
WARNING: Encrypted vnd is insecure. Migrate your data to softraid before 5.7.

Again, the diff* I proposed doesn't remove the code, it adds a louder
warning that makes it clear that people should migrate *now*, something
that was lacking. I think I'm pretty far from doing a reckless proposal
here.

* mount_vnd will need a similar diff

--
jca