| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 Apr 2018 01:21:02 +0200 From: Hansjoerg Lipp <hjlipp@....de> To: Gabriel C <nix.or.die@...il.com> Cc: LKML <linux-kernel@...r.kernel.org> Subject: Re: [RFC] Passing luks passphrase from grub to systemd Hello Gabriel, On Mon, Apr 16, 2018 at 12:35:33AM +0200, Gabriel C wrote: > 2018-04-15 21:06 GMT+02:00 Hansjoerg Lipp <hjlipp@....de>: > > as I'm stuck with a (non-EFI x86_64) system with encrypted root > > partition, I have to enter the passphrase twice (grub needs it for > > getting the kernel etc., systemd needs it for mounting the root > > partition). This can be quite inconvenient, especially if the passphrase > > is long and contains special characters, and grub assumes a different > > keyboard layout. > > I therefore developed a proof of concept code allowing grub to pass the > > passphrase to the kernel and systemd to get the passphrase from the > > kernel. See the description and patch for the Linux part and the link to > > all changes below. > > Somethng like this is not needed. > All that is possible already from userspace. > > Systemd can do that on his own ( see systemd-cryptsetup-generator ) > ( other init ofc too ) assuming your initrd , cryptsetup and grub is > setup correctly. can this be done even if the /boot directory is located inside the encrypted root partition? I'll have another look at this tomorrow as I'm currently too tired. This would be really great news for me. (And I'd have to wonder how I didn't get this right on my own... I already learned a lot about the boot process doing this, and obviously I still do not understand enough.) Thank you for your quick response, Hansjoerg
Powered by blists - more mailing lists