Hi Laurent,
On Tue, 10 Jan 2017 at 01:07:00 +0100, Laurent Bigonville wrote:
> Looking at systemd, I see that they are doing something similar:
>
> serial = add_key("user", keyname, p, n, KEY_SPEC_USER_KEYRING);
>
> with keyname="cryptsetup"
I just had a look at this and as I wrote in #917067's
On Mon, 09 Jan 2017 23:58:11 +0100 Laurent Bigonville
wrote:
> Hi,
>
> Since gdm 3.22, there is a new pam module that unlock the gnome-keyring
> using the keyring using the password of the luks partition.
>
> The idea is that on a single user laptop, the user uses the same
> password for his en
On Tue, 2017-01-10 at 17:28 +0100, Laurent Bigonville wrote:
> We need to balance the user friendlessness and the security.
I think having something like a keyscript, which needs to be manually
enabled by root, is friendly enough, isn't it?
It's the e.g. the same as with libpam-krb5 - that doesn't
Le 10/01/17 à 14:37, Christoph Anton Mitterer a écrit :
On Tue, 2017-01-10 at 10:26 +0100, Laurent Bigonville wrote:
Well we need this to be integrated in cryptsetup if we want this to
work.
Especially in the security-relevant context it's IMO always
questionable whether everything should work
On Tue, 2017-01-10 at 10:26 +0100, Laurent Bigonville wrote:
> Well we need this to be integrated in cryptsetup if we want this to
> work.
Especially in the security-relevant context it's IMO always
questionable whether everything should work automagically out-of-the-
box.
> Do you have any speci
On Tue, 10 Jan 2017 01:33:55 +0100 Christoph Anton Mitterer
wrote:
> On Mon, 2017-01-09 at 23:58 +0100, Laurent Bigonville wrote:
> > Since gdm 3.22, there is a new pam module that unlock the gnome-
> > keyring
> > using the keyring using the password of the luks partition.
> >
> > The idea is t
On Mon, 2017-01-09 at 23:58 +0100, Laurent Bigonville wrote:
> Since gdm 3.22, there is a new pam module that unlock the gnome-
> keyring
> using the keyring using the password of the luks partition.
>
> The idea is that on a single user laptop, the user uses the same
> password for his encrypted
On Mon, 09 Jan 2017 23:58:11 +0100 Laurent Bigonville
wrote:
> Hi,
>
> Since gdm 3.22, there is a new pam module that unlock the gnome-keyring
> using the keyring using the password of the luks partition.
>
> The idea is that on a single user laptop, the user uses the same
> password for his enc
Package: cryptsetup
Version: 2:1.7.3-3
Severity: wishlist
Hi,
Since gdm 3.22, there is a new pam module that unlock the gnome-keyring
using the keyring using the password of the luks partition.
The idea is that on a single user laptop, the user uses the same
password for his encrypted root and u
9 matches
Mail list logo
