Bug#850756: [pkg-cryptsetup-devel] Bug#850756: cryptsetup: Please save password to kernel keyring

Hi Laurent, On Tue, 10 Jan 2017 at 01:07:00 +0100, Laurent Bigonville wrote: > Looking at systemd, I see that they are doing something similar: > > serial = add_key("user", keyname, p, n, KEY_SPEC_USER_KEYRING); > > with keyname="cryptsetup" I just had a look at this and as I wrote in #917067's

Bug#850756: cryptsetup: Please save password to kernel keyring

On Mon, 09 Jan 2017 23:58:11 +0100 Laurent Bigonville wrote: > Hi, > > Since gdm 3.22, there is a new pam module that unlock the gnome-keyring > using the keyring using the password of the luks partition. > > The idea is that on a single user laptop, the user uses the same >

Bug#850756: cryptsetup: Please save password to kernel keyring

On Tue, 2017-01-10 at 17:28 +0100, Laurent Bigonville wrote: > We need to balance the user friendlessness and the security. I think having something like a keyscript, which needs to be manually enabled by root, is friendly enough, isn't it? It's the e.g. the same as with libpam-krb5 - that doesn't

Bug#850756: cryptsetup: Please save password to kernel keyring

Le 10/01/17 à 14:37, Christoph Anton Mitterer a écrit : On Tue, 2017-01-10 at 10:26 +0100, Laurent Bigonville wrote: Well we need this to be integrated in cryptsetup if we want this to work. Especially in the security-relevant context it's IMO always questionable whether everything should work

Bug#850756: cryptsetup: Please save password to kernel keyring

On Tue, 2017-01-10 at 10:26 +0100, Laurent Bigonville wrote: > Well we need this to be integrated in cryptsetup if we want this to > work. Especially in the security-relevant context it's IMO always questionable whether everything should work automagically out-of-the- box. > Do you have any

Bug#850756: cryptsetup: Please save password to kernel keyring

On Tue, 10 Jan 2017 01:33:55 +0100 Christoph Anton Mitterer wrote: > On Mon, 2017-01-09 at 23:58 +0100, Laurent Bigonville wrote: > > Since gdm 3.22, there is a new pam module that unlock the gnome- > > keyring > > using the keyring using the password of the luks

Bug#850756: cryptsetup: Please save password to kernel keyring

On Mon, 2017-01-09 at 23:58 +0100, Laurent Bigonville wrote: > Since gdm 3.22, there is a new pam module that unlock the gnome- > keyring > using the keyring using the password of the luks partition. > > The idea is that on a single user laptop, the user uses the same > password for his encrypted

Bug#850756: cryptsetup: Please save password to kernel keyring

On Mon, 09 Jan 2017 23:58:11 +0100 Laurent Bigonville wrote: > Hi, > > Since gdm 3.22, there is a new pam module that unlock the gnome-keyring > using the keyring using the password of the luks partition. > > The idea is that on a single user laptop, the user uses the same >

Bug#850756: cryptsetup: Please save password to kernel keyring

Package: cryptsetup Version: 2:1.7.3-3 Severity: wishlist Hi, Since gdm 3.22, there is a new pam module that unlock the gnome-keyring using the keyring using the password of the luks partition. The idea is that on a single user laptop, the user uses the same password for his encrypted root and