[Pkg-cryptsetup-devel] Bug#487245: Bug#487245: Bug#487245: cryptsetup: tries and tiemout should be passed as arguments to the keyscript
Christoph Anton Mitterer
christoph.anton.mitterer at physik.uni-muenchen.de
Mon Jun 23 08:39:56 UTC 2008
On Mon, 2008-06-23 at 00:46 +0200, David Härdeman wrote:
> On Fri, Jun 20, 2008 at 04:32:21PM +0200, Christoph Anton Mitterer wrote:
> No, they should not. The moment you expect keyscripts to handle tries
> you've broken askpass as it can't know if an passphrase is correct or
> not. You also risk breaking any other scripts in a similar fashion.
Uhm,.. ok I must admit that I didn't know askpass.
Is it documented somewhere? And how am I supposed to use it?
(I'm writing a decrypt_openpgp script.)
> Also, for timeout I fail to see the point.
> crypt devices fall into two
> categories, those that are necessary to boot (here a timeout makes no
> sense)
Agree.
> and those which aren't (here you'd normally start the mapping
> yourself while sitting at the console so you can decide when and if to
> cancel the setup attempt).
Ok,.. but why does timeout exist if you argue that way?
And there are also that devices, that aren't necessary to boot (normally
this is only the root-fs) but should be automatically mapped and mounted
(e.g. swap, or perhaps a data- or home-partition), right?
It should be possible to specify a timeout here, even if the user
doesn't have to enter a passpharse, because perhaps the key is on
another medium, that has to be mounted,.. but is not available or so.
Best wishes,
Chris.
More information about the Pkg-cryptsetup-devel
mailing list