> For sure. For the authentication part of the PAM module, I've added > the ability to have multiple tokens for one user (like a backup > Yubikey, or an administrator with another Yubikey). > > Perhaps it's easier for users to present multiple authentication > devices (one USB disk, one Yubikey, one smartcard or any combination > of these) to effectively get backup access to their files, than it is > to get them to actually print the mount passphrase? > > The mount passphrase would be stored one time for each authentication > device, encrypted with the PAM_AUTHTOK the authentication device is > capable of producing. > > Have you had any thoughts along these lines?
FWIW I am hoping to take a good close look thursday or friday. thanks, -serge
signature.asc
Description: Digital signature
_______________________________________________ Mailing list: https://launchpad.net/~ecryptfs-users Post to : [email protected] Unsubscribe : https://launchpad.net/~ecryptfs-users More help : https://help.launchpad.net/ListHelp
