[Pkg-cryptsetup-devel] cryptdisks and password prompt

Jonas Meurer jonas at freesources.org
Tue Jan 24 23:57:03 UTC 2006


On 24/01/2006 Tom Fernandes wrote:
> >
> > but in my eyes #328961 is still interesting, even when cryptsetup
> > support gets added to mount (util-linux). the case with the usb-kebboard
> > (explained in the bugreport) is still present, and i guess that a
> > countdown of some (configurable) seconds is quite a good idea.
> >
> > what do you think?
> 
> countdown is a very good idea imho as this gives you the option to boot a 
> server with an encrypted partition to a point where you can log into it and 
> run "/etc/init.d/cryptdisk restart" to actually decrypt the partition 
> remotely.

exactly. the usb-keyboard was in fact not a good example, but in any
case there are cases where a timeout could be useful.

i've started a simple implementation of a timeout option for cryptdisks,
and commited it to svn. you can take a look at it if you want.

> usb-keyboards should be handled by the initrd scripts anyways. Imagine the 
> scenario of resuming form an encrypted swap or encrypted /. If using a 
> usb-keyboard does not work after booting an initrd this is a bug in the 
> initrd scripts being used I would say.

you're correct.

...
 jonas



More information about the Pkg-cryptsetup-devel mailing list