| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEJqkghu-c90=cocnkxW7zD9twkb0v=DTNbQgmUC4JGC6fvgWw@mail.gmail.com> Date: Mon, 16 Apr 2018 00:35:33 +0200 From: Gabriel C <nix.or.die@...il.com> To: Hansjoerg Lipp <hjlipp@....de> Cc: LKML <linux-kernel@...r.kernel.org> Subject: Re: [RFC] Passing luks passphrase from grub to systemd 2018-04-15 21:06 GMT+02:00 Hansjoerg Lipp <hjlipp@....de>: > Hello, > Hello, > as I'm stuck with a (non-EFI x86_64) system with encrypted root > partition, I have to enter the passphrase twice (grub needs it for > getting the kernel etc., systemd needs it for mounting the root > partition). This can be quite inconvenient, especially if the passphrase > is long and contains special characters, and grub assumes a different > keyboard layout. > I therefore developed a proof of concept code allowing grub to pass the > passphrase to the kernel and systemd to get the passphrase from the > kernel. See the description and patch for the Linux part and the link to > all changes below. > > I'm presenting my code here because I'd like to know if something like > this might be useful also for other people (and further development > might be sensible). I'd also be thankful for comments how this might be > implemented in a better way. Somethng like this is not needed. All that is possible already from userspace. Systemd can do that on his own ( see systemd-cryptsetup-generator ) ( other init ofc too ) assuming your initrd , cryptsetup and grub is setup correctly. Regards, Gabriel C
Powered by blists - more mailing lists