From: dennis@basis.uklinux.net (Dennis Furey)
To: Bryan Kadzban <cryptsetup@kdzbn.homelinux.net>
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] [PATCH] Network passphrase reading
Date: Mon, 18 Jan 2010 04:31:26 +0000 [thread overview]
Message-ID: <20100118043126.GA6523@basis.uklinux.net> (raw)
In-Reply-To: <4B53D741.2080603@kdzbn.homelinux.net>
On Sun, Jan 17, 2010 at 07:36:33PM -0800, Bryan Kadzban wrote:
>
> So with a couple of changes to the initramfs, and the attached patch
> (against current SVN), I could send the passphrase over the network
> instead of typing it in.
...
> Comments?
Apologies if this is well known already, but have a look at
http://www.debian-administration.org/articles/579, which claims to
solve this problem by embedding a lightweight ssh server in the
initramfs, and allows either local or remote booting without sending
the passphrase in clear text. It doesn't appear to require any source
code modifications to cryptsetup.
I for one would be very interested in a standard solution that would
be applicable to remotely hosted dedicated servers.
next prev parent reply other threads:[~2010-01-18 4:31 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-18 3:36 [dm-crypt] [PATCH] Network passphrase reading Bryan Kadzban
2010-01-18 4:31 ` Dennis Furey [this message]
2010-01-18 5:14 ` Bryan Kadzban
2010-01-18 9:02 ` Mario 'BitKoenig' Holbe
2010-01-18 21:08 ` Bryan Kadzban
2010-01-19 0:39 ` Mario 'BitKoenig' Holbe
2010-01-19 4:08 ` Bryan Kadzban
2010-01-19 9:44 ` Milan Broz
2010-05-03 14:41 ` Jonas Meurer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100118043126.GA6523@basis.uklinux.net \
--to=dennis@basis.uklinux.net \
--cc=cryptsetup@kdzbn.homelinux.net \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox