[pkg-cryptsetup-devel] Bug#697455: cryptsetup: expose number of tries to keyscript

Laurens Blankers laurens at blankersfamily.com
Sat Jan 5 14:40:01 UTC 2013


Package: cryptsetup
Version: 2:1.4.3-4
Severity: wishlist

Dear Maintainer,

I would like to request the number of tries to be passed to the
keyscript e.g. through an environment variable CRYPTTAB_TRIES.
This would be useful in the following scenario: a keyscript
attempts to read a key from a USB stick and succeeds but the
stick contains the wrong key. On the second try the keyscript
could decide to ask the user for a password instead.

I currently implement this by asking for a key with a timeout
of 30 seconds and if no key is entered then proceeding with
retrieving the key from the USB stick. This works, however
it introduces a 30 second delay on boot.

I believe that implementing this feature may also solve issue
438481 and issue 471729.

Sincerely,

Laurens


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-3-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



More information about the pkg-cryptsetup-devel mailing list