On Mon, Jul 9, 2012 at 4:28 PM, Lennart Poettering <[email protected]> wrote: > On Mon, 09.07.12 11:02, Matthew Monaco ([email protected]) wrote: > >> On 07/09/2012 10:51 AM, Lennart Poettering wrote: >> > On Fri, 29.06.12 13:40, Tom Gundersen ([email protected]) wrote: >> > >> >> This is useful if your keyfile is a block device, and you want to >> >> use a specific part of it, such as an area between the MBR and the >> >> first partition. >> >> >> >> This feature is documented in the Arch wiki[0], and has been supported >> >> by the Arch initscripts, so would be nice to get this into systemd. >> > >> > Hmm, I am not opposed to merge this, but before I do: I am a bit puzzled >> > what the usecase for this is -- why would you store the key like this? >> > Kinda defeats the purpose of encryption, no? >> >> It's no different than storing your key as a file (on a USB key) except >> there's >> a little added obfuscation. Also, it's simpler (imo); you don't have to wait >> for >> a FS to be mounted when unlocking your dm-crypt device. > > Ah, so this is about storing the key on a different disk then the one to > decrypt. Didn't get that part, I see.
So does it look ok? Should I resubmit with a better explanation? Cheers, Tom _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
