From: Milan Broz <gmazyland@gmail.com>
To: Dan Farrell <djfarrell@gmail.com>
Cc: JT Moree <moreejt@yahoo.com>, dm-crypt <dm-crypt@saout.de>
Subject: Re: [dm-crypt] cryptsetup Yubikey challenge-response support
Date: Wed, 15 Apr 2020 21:38:38 +0200 [thread overview]
Message-ID: <3a5505de-2a6a-ebd0-8468-af1661bd243b@gmail.com> (raw)
In-Reply-To: <CAKO8emYr9z7Yk8A09H7YKFaLqG+=BgGCdBbnzOMmT+8bLqvRMg@mail.gmail.com>
On 15/04/2020 08:37, Dan Farrell wrote:
>
> Please take a look at the attached, feel to poke fun at it, it is
> terrible for all of the reasons.
>
> But, if something that did what is achieved in this patch was done
> properly, would it be even possible to get it merged?
Hi,
Why do you need this? Cryptsetup easily allows to pipe passphrase:
/path/some_helper | cryptsetup open ....
(some tricks are needed to process binary input, but it is possible,
see man page or ask here).
For LUKS2, you can also define keyring token, store passphrase in keyring
under defined name and then cryptsetup automagically use it in open command.
(Even systemd-ask-password scripts can be used to automate it, but
I understand there is a group of people that is quite reserved to this,
me included. For reference see clevis/tang project, but please do not
ask me about it in detail :-)
Milan
next prev parent reply other threads:[~2020-04-15 19:38 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <233063842.2717340.1586366160963.ref@mail.yahoo.com>
2020-04-08 17:16 ` [dm-crypt] cryptsetup Yubikey challenge-response support JT Morée
2020-04-10 3:01 ` Dan Farrell
2020-04-11 14:49 ` JT Moree
2020-04-11 16:09 ` Milan Broz
2020-04-11 19:56 ` Arno Wagner
2020-04-11 21:05 ` JT Moree
2020-04-11 22:23 ` Arno Wagner
2020-04-12 13:00 ` [dm-crypt] LUKS FAQ separate for LUKS1/LUKS2, or combined? Was: " Michael Kjörling
2020-04-14 10:56 ` Milan Broz
2020-04-15 22:25 ` Arno Wagner
2020-04-14 11:35 ` [dm-crypt] " Milan Broz
2020-04-15 21:47 ` Arno Wagner
2020-04-15 6:37 ` Dan Farrell
2020-04-15 6:48 ` Dan Farrell
2020-04-15 7:08 ` Dan Farrell
2020-04-15 19:38 ` Milan Broz [this message]
2020-04-16 2:03 ` Dan Farrell
2020-04-16 10:36 ` Milan Broz
2020-04-08 8:37 7heo
2020-04-08 10:07 ` Nikolay Kichukov
2020-04-08 16:31 ` Tim Steiner
2020-04-08 22:18 ` Dan Farrell
-- strict thread matches above, loose matches on Subject: below --
2020-04-08 7:54 Dan Farrell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3a5505de-2a6a-ebd0-8468-af1661bd243b@gmail.com \
--to=gmazyland@gmail.com \
--cc=djfarrell@gmail.com \
--cc=dm-crypt@saout.de \
--cc=moreejt@yahoo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.