lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <2907407.5HaPOCmciK@natalenko.name> Date: Mon, 16 Apr 2018 00:25:22 +0200 From: Oleksandr Natalenko <oleksandr@...alenko.name> To: Hansjoerg Lipp <hjlipp@....de> Cc: linux-kernel@...r.kernel.org Subject: Re: [RFC] Passing luks passphrase from grub to systemd Hi. > as I'm stuck with a (non-EFI x86_64) system with encrypted root > partition, I have to enter the passphrase twice (grub needs it for > getting the kernel etc., systemd needs it for mounting the root > partition). This can be quite inconvenient, especially if the passphrase > is long and contains special characters, and grub assumes a different > keyboard layout. Just fill another LUKS slot with a randomly generated key file and add that file to your initramfs (which already resides on encrypted /boot, right?). If your distro cannot do that, you should probably fixing things there, not adding ugly hacks to the kernel. Check how it is implemented in Arch, for instance [1]. I'm not sure whether this is currently possible with openSUSE, though. Regards, Oleksandr [1] https://klmlinks.wordpress.com/2016/03/
Powered by blists - more mailing lists