From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vdrpdTt_uQSW for ; Wed, 20 Jun 2012 03:13:25 +0200 (CEST) Received: from v4.tansi.org (ns.km33513-03.keymachine.de [87.118.94.3]) by mail.saout.de (Postfix) with ESMTP for ; Wed, 20 Jun 2012 03:13:25 +0200 (CEST) Received: from gatewagner.dyndns.org (84-74-164-202.dclient.hispeed.ch [84.74.164.202]) by v4.tansi.org (Postfix) with ESMTPA id 51F1D205E4E for ; Wed, 20 Jun 2012 03:13:25 +0200 (CEST) Date: Wed, 20 Jun 2012 03:13:23 +0200 From: Arno Wagner Message-ID: <20120620011323.GA29688@tansi.org> References: <4FE05A32.9010402@gresille.org> <4FE061DE.5080200@gmail.com> <55fcb858bc6943ac636a50cf12706871@imap.freesources.org> <4FE0A548.7030007@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4FE0A548.7030007@gmail.com> Subject: Re: [dm-crypt] Option "validate passphrase" for command cryptsetup List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Good discussion here, I like it! I prefer --test-passphrase, as it does not have the general ring of --dry-run. With --dry-run, people would rightfully expect to be able to use it everywhere. Just let me know what the final decision is and I will add it to the man-page. Arno On Tue, Jun 19, 2012 at 06:14:00PM +0200, Milan Broz wrote: > On 06/19/2012 05:04 PM, jonas wrote: > > > if I'm not wrong, one difference between Louis' suggestion and the way > > you implemented it is, that the former works with active devices, and > > the latter doesn't, right? > > No, it is exactly the same. It works even for active devices. > (Check for active device is later.) > > > I like the idea of a --dry-run option which works for all commands, > > just like a simulation mode. But as well I like the idea of a command > > for key validation, which takes the same commandline options as > > luksOpen, and simply verifies whether the given key (passphrase, > > keyfile, whatever) is valid. > > Well, universal --dry-run is nice idea but I am not going to implement it now. > (and I would perhaps do it differently - do everything as is except final > on-disk metadata update or in-kernel device change.) > > > Well, I have local commit renaming this luksOpen option to --test-passphrase. > If there are no other suggestions for today, I'll commit it. > > Milan > (grumbling something about bikeshedding :-) > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt > -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell