[Pkg-cryptsetup-devel] Bug#471729: cryptsetup: usecase

Sat Mar 29 20:33:42 UTC 2008

Package: cryptsetup
Version: 2:1.0.6~pre1+svn45-1
Followup-For: Bug #471729

Sorry for not answering sooner, something must have eaten your mail.

LUKS supports more than one key.

Usually I'd like to use a custom key script that can f. ex. get the
key off a usb stick so I don't have to connect a keyboard and monitor
for regular reboots but just need to plug in the stick.

That usb key might however get lost or break and in that case I'd like
to still be able to boot the box, even if I have to connect a keyboard
and monitor then, by inputting ANOTHER key locally that's generated
from a regular passphrase.

As for implementing the fallback in the keyscript, that isn't as easy
as it sounds ... or at least I haven't been able to grasp the various
input / output / ... redirections yet that go on around a
keyscript. Any attempt to read from stdin results in 'invalid file
descriptor', when the keyscript is called from cryptdisks_start.

Regards,

C.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.22-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages cryptsetup depends on:
ii  dmsetup                      2:1.02.24-4 The Linux Kernel Device Mapper use
ii  libc6                        2.7-6       GNU C Library: Shared libraries
ii  libdevmapper1.02.1           2:1.02.24-4 The Linux Kernel Device Mapper use
ii  libpopt0                     1.10-3      lib for parsing cmdline parameters
ii  libuuid1                     1.40.8-2    universally unique id library

cryptsetup recommends no packages.

-- no debconf information