On Fri, 11.03.11 20:26, Jan Engelhardt (jeng...@medozas.de) wrote:

Heya,

> I have been made aware of showing stars when entering passwords for
> crypttab volumes through systemd's integrated scripts/programs is
> considered a "feature". Well, I don't concur there. Potential overseers
> could count the stars, which is not so thrilling. Which is probably why
> UNIX and/or its descendants have had no-stars password prompt pretty
> much throughout (/bin/passwd, ssh, and what else you can think of).
>
> Some argue that not showing stars makes it harder to backspace. That may
> be true to some extent, since you don't know when to stop hitting
> backspace. This in turn has led some programs to simply implement either
> three-stars-per-char, but what is really wanted in such a case is simply
> a way to merely start over. Sometimes enter works (in case of login
> prompts that repeat forever, like getty or xdms), and for those programs
> that would like to exit some day (passwd, cryptsetup, etc.), catching ^C
> or perhaps ^\ might be in order.

Well I don't agree with your findings, for a couple of reasons: we have been showing asterisks on the password prompt in plymouth when it shows no graphical UI since about always, so this isn't really a change, except that we now do so for plymouth-less prompts too.

Then, this is probably the only non-graphical password prompt a user might ever see. After X is up all password prompts do give input feedback, hence it is highly surprising for the user if this one doesn't.

Finally, during bootup a lot of output is generated in parallel, which often makes it hard to see the password prompt. Hence some input feedback when the user types his passphrase is very important and helpful.

If your pass_phrase_ is so short that it is not even a pass_word_, just a pass_character_, then I think the right fix is not to make invisible that the key is so short, but pick a longer key where this doesn't matter.

I think the main reason why most Unix apps haven't done anything like this is mostly that it isn't completely trivial to implement this (just turning off echo is trivial OTOH). Also, the traditional Unix user was well versed in Unix, and knew this behaviour. And finally, traditionally stuff like this was executed strictly serialized, to the effect that the prompt could not be overprinted by something else until the user actually entered something.

I am not aware of any complaints like this regarding password prompts in gdm or similar, although traditionally Unix user passwords have been much shorter than disk passphrases. (In fact already the wording chosen makes that clear, 'password' vs. 'passphrase').

Lennart

--
Lennart Poettering - Red Hat, Inc.
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel