Package: cryptsetup Severity: wishlist Hi,
One of the problems I have w/ cryptsetup is that it lacks a way to turn off password prompting without completely turning off cryptdisks. Ideally, what I'd like to have happen is: 1) machine boots, /tmp and swap are mounted from crypttab. 2) I log in, run the cryptdisks init script; /mnt/ is mounted, prompting me for a password. The way I see this working is with a two stage init script; cryptsetup and cryptdisks. Cryptsetup mounts all non-password-prompting devices, and cryptdisks mounts all password-prompting devices (or just all devices in crypttab that aren't already mounted). Enabling or disabling crypt* init scripts can be done either through managing RC symlinks, or through /etc/default/crypt*; perhaps two separate options, the existing CRYPTDISKS_ENABLE specifies whether cryptsetup should be run at all, and CRYPTDISKS_PROMPT could specify whether the prompting cryptdisks script should be run automatically (from cryptsetup; the admin can still run cryptdisks manually, and have everything set up, but it won't be automatically called by init). Thoughts? I'll work out a patch to implement something like this today. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.11-1-686 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) -- Andres Salomon <[EMAIL PROTECTED]>
signature.asc
Description: This is a digitally signed message part