Package: cryptsetup
Version: 2:1.4.3-4
Severity: normal
in /lib/cryptsetup/scripts/decrypt_ssl:
if ! /usr/bin/openssl enc -aes-256-cbc -d -salt -in $1 2>/dev/null 2>&1;
then
^^^^
I guess this is a typo and the first redirection was supposed to send
stdout to /dev/null before stderr being duplicated to it.
Please consider getting rid of these redirections alltogether. 1) These
are ineffective outside of early boot, as openssl apparently opens
/dev/tty directly, and 2) during early boot (where they apparently do
work) the messages provided by openssl can be very helpful. For example,
keyscript=decrypt_ssl did not work for my encrypted root because
openssl's password prompt was being output to stdout as part of the key
material.
You might also want to include a copy of /usr/lib/ssl/openssl.cnf in the
initramfs to avoid a warning for a missing config.
Christian
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
