subject:"Bug#563961\: \[pkg\-cryptsetup\-devel\] Bug#563961\: cryptsetup\: Please support single passphrase prompt for multiple volumes"

Bug#563961: [pkg-cryptsetup-devel] Bug#563961: cryptsetup: Please support single passphrase prompt for multiple volumes

2010-01-06 Thread Michael Gebetsroither

Harald Braumann wrote:
Hallo Harald,

 cryptsetup should support decrypting multiple volumes with the same passphrase
 and only prompt for it once.
 
 Attached is a script which can be used as a `keyscript'. It prompts for the
 passphrase and stores it in a key ring for a short amount of time using 
 Linux' 
 key retention facility. Further passphrase requests are satisfied from the
 stored value without prompting again.

Your attachment seems to be missing.

Though i've written a similar script some time ago and just fixed a few
things up.

The script can be found on github with additional Dokumentation:
http://github.com/gebi/keyctl_keyscript/blob/master/keyctl_keyscript
http://github.com/gebi/keyctl_keyscript

 This works quite well, however there are a view problems:
 - only works on Linux

no problem, as dm-crypt is linux only

 - the passphrase is stored for some time and might be exposed (at least
   root can dump the stored passphrase)

root can get the passphrase anyway.

 - the passphrase is piped between processes and might end up in 
   unsecure memory and be written to swap

This is not nice, ack!
Though it's not that smart to have crypto filesystems without crypted swap.

 A better approach would be to add support for this functionality to 
 cryptsetup.
 Cryptsetup could then decrypt all volumes that belong to the same group at 
 once
 and there would be no need to retain the passphrase. I'm not sure, if there 
 would
 be problems if the root volume is part of such a group, because then all the
 volumes would have to be decrypted at the time the root volume is decrypted, 
 which
 happens very early in the boot process.

At least a option to get cryptsetup to cache the passphrase in a
specific keyring would be nice, and _only_ cache it if the passphrase
was correct. This would also remove the problem with passphrase piping
and possible ending in unsecure memory.

michael



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#563961: [pkg-cryptsetup-devel] Bug#563961: cryptsetup: Please support single passphrase prompt for multiple volumes

2010-01-06 Thread Harald Braumann

On Wed, 06 Jan 2010 19:35:27 +0100
Michael Gebetsroither g...@sbox.tugraz.at wrote:

 Harald Braumann wrote:
 Your attachment seems to be missing.
Sorry, attached now. 

 Though i've written a similar script some time ago and just fixed a
 few things up.
 
 The script can be found on github with additional Dokumentation:
 http://github.com/gebi/keyctl_keyscript/blob/master/keyctl_keyscript
 http://github.com/gebi/keyctl_keyscript
Seems we had the same idea. Differences are:
- I use /lib/cryptsetup/askpass. I think that this is required if you
  use a graphical boot screen
- Retry on wrong password (see below)

  This works quite well, however there are a view problems:
  - only works on Linux
 
 no problem, as dm-crypt is linux only
Ah, alright.

  - the passphrase is stored for some time and might be exposed (at
  least root can dump the stored passphrase)
 
 root can get the passphrase anyway.
Sure, he can do all sorts of things to sniff the passphrase at
entry time. But if it's retained, it can also be retrieved later. Not
that much of a difference, but still.

 
  - the passphrase is piped between processes and might end up in 
unsecure memory and be written to swap
 
 This is not nice, ack!
 Though it's not that smart to have crypto filesystems without crypted
 swap.
Agreed, but while it's already bad enough to leak some sensitive data,
it is much worse to leak the passphrase, because that can be used
to decrypt the whole encrypted volume. Also, this can then be
done offline. And the passphrase might be used for other
encrypted volumes. While it is a user error to not encrypt the swap,
the system should be implemented in a way to minimise the damage.

 At least a option to get cryptsetup to cache the passphrase in a
 specific keyring would be nice, and _only_ cache it if the passphrase
 was correct. 
My script already does this to a certain extent. You have to tag
a special entry by appending `:' to the key parameter. In this case it
always asks for the passphrase, even if it is called a second time (in
case the user mistyped). This should be the first entry for the group.

 This would also remove the problem with passphrase piping
 and possible ending in unsecure memory.
Yes, that would be nice.

harry


cryptgroup.tgz
Description: application/compressed-tar


signature.asc
Description: PGP signature

Bug#563961: [pkg-cryptsetup-devel] Bug#563961: cryptsetup: Please support single passphrase prompt for multiple volumes

Bug#563961: [pkg-cryptsetup-devel] Bug#563961: cryptsetup: Please support single passphrase prompt for multiple volumes

2 matches

Site Navigation

Mail list logo

Footer information