better-initramfs icon indicating copy to clipboard operation
better-initramfs copied to clipboard

Published 20 hours ago verified publisher icon slashbeast

Support for keys on external device

Open Soft opened this issue 11 years ago • 2 comments

This patch adds support for storing encryption keys on external devices. It's fairly trivial and seems to work for me, but I haven't done extensive testing.

Soft avatar Sep 04 '13 16:09 Soft

Thanks for the patch.

Note to self:

I do wonder whatever encdelay should be used or rootdelay which already do something like it be used. Also I think I would add enc_dev option to search for specified filename on every device, like liveCDs search for squashfs images. Next it should support remote unlock via askpass, and if keyfile is not found it should fallback to asking for password.

@Samuel, I hope you will be fine if I keep this pull request open/not-merged for little longer until I decide whatever merge it as-is or until I deliver reworked features. I already have image of how I would like it to work in my mind so it shoudn't take too long.

fff7d1bc avatar Sep 07 '13 20:09 fff7d1bc

Hi,

fwiw I haven't forgot about this pull request.

Still wondering how I should handle header and key with multiple luks devices that enc_root= does support.

fff7d1bc avatar Aug 10 '14 19:08 fff7d1bc