From: Quentin Lefebvre <qlefebvre_pro@yahoo.com>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Empty key files vs empty passwords in plain mode
Date: Sun, 23 Nov 2014 15:01:58 +0100 [thread overview]
Message-ID: <5471E8D6.4020806@yahoo.com> (raw)
In-Reply-To: <5471DE14.50405@gmail.com>
On 23/11/2014 14:16, Milan Broz wrote :
> On 11/23/2014 01:44 PM, Quentin Lefebvre wrote:
>
>>> I experienced some troubles recently with Debian's cryptsetup package
>>> (testing version), which version is 1.6.6.
>>> I found out that empty key files get refused by cryptsetup, for example:
>>> cat empty_file | cryptsetup --debug --key-file=- open --type plain
>>> /test1.loop test1
>>> gets rejected.
>>> The debug output directly leads to a test in utils_crypt.c that, I
>>> think, should be removed.
>>>
>>> Indeed, empty passwords are accepted, so it make sense to accept also
>>> empty inputs.
>>> Especially in Debian, where cryptdisks_start script calls:
>>> /lib/cryptsetup/askpass | cryptsetup --key-file=- open --type [type]
>>> [src] [dst]
>>>
>>> What do you think about this issue?
>>> Shall I send a patch for that?
>
> Well, logically it should be the same. But reading empty keyfile never worked AFAIK
Right, and this is just because of a test that returns an error code in
case the key file is empty.
> and IMHO the case that you encrypt device by empty keyfile by mistake
> is more common...
I agree and I think there should be at least a warning.
> I am tempting to say it is a safety feature than bug :-)
>
> Anyway, please create issue on project page, https://code.google.com/p/cryptsetup/issues/list
> If you have a patch, attach it there as well.
Sure, I'll do that. But which tool is preferred to write a patch for
cryptsetup?
> I will get to it but this is not really urgent issue to solve.
In my opinion, the problem is, for example, when a user enters a blank
password (not secured, sure) and then reboot and can't mount his file
system because of a script piped to cryptsetup.
> BTW I would better suggest that Debian uses pwquality library with some sane
> defaults and will not allow users to enter so weak passwords in the first place...
>
> (There is always --force-password switch so your issue is still kind of problem
> for testing though.)
OK.
Thanks for this answer.
Cheers,
Quentin
next prev parent reply other threads:[~2014-11-23 14:01 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-19 21:24 [dm-crypt] Empty key files vs empty passwords in plain mode Quentin Lefebvre
2014-11-23 12:44 ` Quentin Lefebvre
2014-11-23 13:16 ` Milan Broz
2014-11-23 14:01 ` Quentin Lefebvre [this message]
2014-11-23 14:57 ` Milan Broz
2014-11-23 15:29 ` Quentin Lefebvre
2014-11-23 15:33 ` Quentin Lefebvre
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5471E8D6.4020806@yahoo.com \
--to=qlefebvre_pro@yahoo.com \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.