Package: cryptsetup
Severity: wishlist
I'm thinking we should add a keyscript parameter to crypttab, something
like this:
crypthome /dev/sda2 none cipher=aes,keyscript=/usr/local/bin/myscript.sh
This would allow us to move the gpg and ssl functionality to separate
scripts, deprecate the gpg/ssl parameters in crypttab, easily support
future key methods, remove the hardcoded /sbin/cryptgetpw in the
initramfs scripts and also support the user-written scripts in the
initramfs image by parsing the keyscript option and including it when
the initramfs image is built.
Appropriate arguments should of course be passed to the keyscript when
it is invoked (such as the device, mapping name, key path, etc).
I'll take a look at this while I implement the C wrapper.
Regards,
David
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
