`cryptsetup` support for systems without udisks is planned, however feedback is needed on the naming of the device-mapper entry and the mount point. Currently evaluating `luks-$FS_UUID` for the device-mapper entry and an option to set the mountpoint that defaults to `/mnt`. Should sudo be called inside the script to mount system disks?
The issue with the newline on the end of the keyfile is that udisksctl needs it without a newline, otherwise it ends up with a newline in your password. On 3/7/20 11:39 AM, Johannes Larsen wrote: > 2020-03-06 21:18:52 -0500, William Morris <[email protected]> wrote: >> Initial `udisks` support has been added to >> [pass-mount](https://github.com/HXR/pass-mount) version 0.1.0 > > Interesting, I might consider using something like this. Today I am > using pass directly in scripts for unlocking disks with: > > pass <entry> | cryptsetup open <dev> <entry> --key-file=- > > And it should be noted that the keyfiles from these approaches differs > slightly. When using `pass show` the output will always end with a > newline, whilst your script stripped that off. > > It was easy to change my keyfiles to your udisks format. First try did > not work because of the lack of newline, but it worked flawlessly when I > changed the script to use: printf '%s\n' as the keyfile instead. > > It is not important to me whether or not there is a newline at the end, > I just thought it was useful to note that not having it make your > approach incompatible with using `pass show` directly. >
