[pkg-cryptsetup-devel] Bug#994682: cryptsetup-initramfs: Poweroff timeout for cryptroot
Roland Tapken
debian at tmp.dau-sicher.de
Sun Sep 19 12:35:25 BST 2021
Package: cryptsetup-initramfs
Version: 2.3.5
Severity: wishlist
If someone is using an encrypted root fs, and the laptop unintentionally turns
on, it would wait for the passphrase until the battery is empty (that's what
happened to me yesterday).
For this reason please let me suggest to add a timeout option into crypttab,
which will turn the system off if the passphrase (or the key) has not been
provided within the given period of time.
I've added a proof-of-concept patch to /usr/share/initramfs-tools/scripts/
local-top/cryptroot and /usr/lib/cryptsetup/functions which introduced this
feature.
I know that there is a similar report #509070 from 2008, but while that
reports suggests to skip the device for convenience reasons, my report is to
protecting the system's battery.
Best regards,
Roland
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cryptsetup-functions.patch
Type: text/x-patch
Size: 876 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20210919/dc1a3df7/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cryptsetup-initramfs-cryptroot.patch
Type: text/x-patch
Size: 1384 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20210919/dc1a3df7/attachment-0001.bin>
More information about the pkg-cryptsetup-devel
mailing list