On Wed, 06 Jan 2010 19:35:27 +0100
Michael Gebetsroither g...@sbox.tugraz.at wrote:
Harald Braumann wrote:
Your attachment seems to be missing.
Sorry, attached now.
Though i've written a similar script some time ago and just fixed a
few things up.
The script can be found on github with additional Dokumentation:
http://github.com/gebi/keyctl_keyscript/blob/master/keyctl_keyscript
http://github.com/gebi/keyctl_keyscript
Seems we had the same idea. Differences are:
- I use /lib/cryptsetup/askpass. I think that this is required if you
use a graphical boot screen
- Retry on wrong password (see below)
This works quite well, however there are a view problems:
- only works on Linux
no problem, as dm-crypt is linux only
Ah, alright.
- the passphrase is stored for some time and might be exposed (at
least root can dump the stored passphrase)
root can get the passphrase anyway.
Sure, he can do all sorts of things to sniff the passphrase at
entry time. But if it's retained, it can also be retrieved later. Not
that much of a difference, but still.
- the passphrase is piped between processes and might end up in
unsecure memory and be written to swap
This is not nice, ack!
Though it's not that smart to have crypto filesystems without crypted
swap.
Agreed, but while it's already bad enough to leak some sensitive data,
it is much worse to leak the passphrase, because that can be used
to decrypt the whole encrypted volume. Also, this can then be
done offline. And the passphrase might be used for other
encrypted volumes. While it is a user error to not encrypt the swap,
the system should be implemented in a way to minimise the damage.
At least a option to get cryptsetup to cache the passphrase in a
specific keyring would be nice, and _only_ cache it if the passphrase
was correct.
My script already does this to a certain extent. You have to tag
a special entry by appending `:' to the key parameter. In this case it
always asks for the passphrase, even if it is called a second time (in
case the user mistyped). This should be the first entry for the group.
This would also remove the problem with passphrase piping
and possible ending in unsecure memory.
Yes, that would be nice.
harry
cryptgroup.tgz
Description: application/compressed-tar
signature.asc
Description: PGP signature