On Sun, Jun 04, 2006 at 09:38:28PM +0200, Jonas Meurer wrote:
1) separate the init-script and the decrypt-scripts so that anybody can
   write his own decrypt-script without modifying the init-script. The
   decrypted key must be in "/tmp/cryptdisk.key" where it will be removed
   after adding a crypted disk.

Good idea, I will implement it soon.

Writing a key to /tmp might not be a good idea since it could be recoverable later.

Why not change the semantics of /etc/crypttab so that the third column (keyfile) is interpreted as a script if the file exists and has the executable bit set? If so, the script is executed and its stdout is piped to cryptsetup via stdin.

Sounds ok?

//David
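
The proposal above, sketched as an added example (not part of the original message and not the Debian init script). The `CRYPTSETUP` override, the function names, the world-writable check and the exact `cryptsetup` arguments are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not the Debian cryptsetup init script.
# Assumption: cryptsetup reads the key from stdin when given --key-file=-.
CRYPTSETUP="${CRYPTSETUP:-cryptsetup}"   # override with a stub for dry runs

# Classify the third crypttab column: prompt, script, keyfile or unsafe.
key_kind() {
    if [ -z "$1" ] || [ "$1" = "none" ]; then
        echo prompt
    elif [ -f "$1" ] && [ -x "$1" ]; then
        # This runs as root at boot, so refuse a world-writable script.
        if [ -n "$(find "$1" -prune -perm -002)" ]; then
            echo unsafe
        else
            echo script
        fi
    else
        echo keyfile
    fi
}

# Unlock one entry given <name> <device> <key column>.
unlock_entry() {
    name=$1 dev=$2 key=$3
    case $(key_kind "$key") in
        script)
            # The key only ever exists in the pipe; nothing lands in /tmp.
            "$key" | $CRYPTSETUP --key-file=- create "$name" "$dev" ;;
        keyfile)
            $CRYPTSETUP --key-file="$key" create "$name" "$dev" ;;
        prompt)
            $CRYPTSETUP create "$name" "$dev" ;;
        unsafe)
            echo "refusing world-writable key script: $key" >&2
            return 1 ;;
    esac
}

# Walk a crypttab-style file on fd 3 so stdin stays free for cryptsetup.
process_crypttab() {
    while read -r name dev key opts <&3; do
        case $name in ''|'#'*) continue ;; esac
        unlock_entry "$name" "$dev" "$key" || return 1
    done 3< "$1"
}
```

In plain sh the pipeline's exit status is cryptsetup's, so a failing key script is not detected by this sketch on its own.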

