On Mon, 09.07.12 11:02, Matthew Monaco ([email protected]) wrote: > On 07/09/2012 10:51 AM, Lennart Poettering wrote: > > On Fri, 29.06.12 13:40, Tom Gundersen ([email protected]) wrote: > > > >> This is useful if your keyfile is a block device, and you want to > >> use a specific part of it, such as an area between the MBR and the > >> first partition. > >> > >> This feature is documented in the Arch wiki[0], and has been supported > >> by the Arch initscripts, so would be nice to get this into systemd. > > > > Hmm, I am not opposed to merge this, but before I do: I am a bit puzzled > > what the usecase for this is -- why would you store the key like this? > > Kinda defeats the purpose of encryption, no? > > It's no different than storing your key as a file (on a USB key) except > there's > a little added obfuscation. Also, it's simpler (imo); you don't have to wait > for > a FS to be mounted when unlocking your dm-crypt device.
Ah, so this is about storing the key on a different disk then the one to decrypt. Didn't get that part, I see. Lennart -- Lennart Poettering - Red Hat, Inc. _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
