Bug#884788: systemd-ask-password echos password as stars (*) while decrypting LUKS partition
Michael Biebl
biebl at debian.org
Sat Dec 30 23:59:27 GMT 2017
Am 20.12.2017 um 10:41 schrieb root kea:
> On Wed, Dec 20, 2017 at 4:46 AM, Michael Biebl <biebl at debian.org> wrote:
>
>> I think this is intentional behaviour, so you'll easily spot that your
>> input system works
>
> The current implementation is that the password gets echoed to
> terminal as star(*) characters by default and one needs to press TAB
> or BACKSPACE key to turn off the echo.
>
> Now it's quite possible that there are people who want to make sure
> that their input works while entering password. For them a key should
> be configured (e.g. TAB or BACKSPACE) to echo the stars(*). By default
> password shouldn't be echoed at all. Something like when most of the
> modern GUIs make you click on button to reveal the password. By
> default they print stars/dots.[0] (This is an analogy)
>
> There are mainly 2 reasons behind this proposal:
> 1. Security by obscurity (hiding the length of pass-phrase)
> 2. consistency
Since I don't really agree with your reasoning, I'll leave it up to you
to raise this issue upstream at
https://github.com/systemd/systemd/issues if you want to see this
behaviour changed.
We won't ship a Debian specific patch and deviate from upstream
behaviour in that regard.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20171231/c8456754/attachment-0002.sig>
More information about the Pkg-systemd-maintainers
mailing list