FS#31877 - [cryptsetup] keyfile in encrypted initramfs hook support
Attached to Project:
Arch Linux
Opened by Zack Buhman (buhman) - Wednesday, 10 October 2012, 11:37 GMT
Last edited by Christian Hesse (eworm) - Saturday, 04 November 2017, 23:06 GMT
Details
Proposal/Rationale:
It is possible, though not very well documented, in grub 2.00 (photo of what I'm talking about attached) to have the /boot filesystem inside a LUKS container, and grub is capable of decrypting the master key and unlocking the container to load the grub configuration, kernel, initramfs and so on. This then makes for, in my opinion, a very sane opportunity to use the initramfs as a keyfile storage location, which solves the problem of having to type the same passphrase twice on boot (currently there appears to be no magic that allows grub to pass the master key to the kernel), without having to resort to silliness like putting the keyfile on some unencrypted removable storage. The greatest benefit, however, is that using this method, it is possible to then, in a way that doesn't potentially jeopardize the secrecy of the keyfile, kexec a machine without requiring human intervention in early-boot.

Implementation:
It seems that the current encrypt hook makes the assumption that all keyfiles can only be located on some sort of block device, rather than on the initramfs. So I made a quick hack (the primary goal being to modify the current hook as little as possible) that allows one to specify the location of the keyfile on the initramfs. The current patch is sub-optimal/ugly, however, because the kernel line ends up looking like "cryptkey=dontcare:/path/to/key:dontcare" or even "cryptkey=dontcare:/path/to/key". I am eagerly interested to hear your opinions on how to possibly improve the cryptkey parameters.
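The following is an added example, not the reporter's patch and not mkinitcpio's own encrypt hook. It shows how a hook could parse a cryptkey= kernel parameter so that the keyfile may be looked up inside the initramfs itself (the reporter's interim "dontcare:/path" form is accepted as an alias), while refusing a keyfile that is missing, given as a relative path, or readable by anyone other than root. The tag name "rootfs", the GNU coreutils `stat -c %a` call, and the constructed sample paths are assumptions of this example; the block-device form is passed through untouched rather than re-implementing the existing hook's field semantics.

```shell
#!/bin/sh
# Added example for FS#31877, not the mkinitcpio encrypt hook's own code.
# Assumptions: "rootfs" as the "look inside the initramfs" tag, GNU coreutils
# stat(1), and the constructed demo files below. No real LUKS device is touched.

# resolve_cryptkey CRYPTKEY [INITRAMFS_ROOT]
#   cryptkey=rootfs:/path            keyfile inside the initramfs (assumed tag)
#   cryptkey=dontcare:/path[:x]      the reporter's interim form, treated alike
#   cryptkey=<anything else>         block-device form, handed on unchanged
# Prints "initramfs:<path>" or "blockdev:<original parameter>". Prints "none"
# and returns 1 when an in-initramfs keyfile is unusable.
resolve_cryptkey() {
    key=$1
    root=${2:-/}
    # split on ':' portably (no bash arrays); empty fields are preserved
    IFS=: read -r ckdev ckarg1 ckarg2 <<EOF
$key
EOF
    case $ckdev in
    rootfs|dontcare)
        case $ckarg1 in
        /*) ;;
        *) echo none; return 1 ;;   # only absolute paths inside the image
        esac
        f="${root%/}$ckarg1"
        [ -f "$f" ] || { echo none; return 1; }
        # The whole point of keeping the key in an encrypted /boot is secrecy;
        # a keyfile that non-root users could read defeats that, so reject it.
        mode=$(stat -c %a "$f")
        case $mode in
        600|400) ;;
        *) echo none; return 1 ;;
        esac
        echo "initramfs:$ckarg1"
        ;;
    '')
        echo none; return 1
        ;;
    *)
        echo "blockdev:$key"
        ;;
    esac
}

# Demonstration on a constructed fake initramfs root (no real keys involved).
demo_root=$(mktemp -d)
umask 077                                                     # new files are mode 600
head -c 64 /dev/urandom > "$demo_root/crypto_keyfile.bin"
head -c 64 /dev/urandom > "$demo_root/leaky_key.bin"
chmod 644 "$demo_root/leaky_key.bin"                          # deliberately too open

resolve_cryptkey "rootfs:/crypto_keyfile.bin" "$demo_root"             # initramfs:/crypto_keyfile.bin
resolve_cryptkey "dontcare:/crypto_keyfile.bin:dontcare" "$demo_root"  # initramfs:/crypto_keyfile.bin
resolve_cryptkey "rootfs:/leaky_key.bin" "$demo_root" || true          # none
resolve_cryptkey "rootfs:/missing.bin" "$demo_root" || true            # none
resolve_cryptkey "/dev/sdb1:vfat:/key.bin"                             # blockdev:/dev/sdb1:vfat:/key.bin
rm -rf "$demo_root"
```

To actually embed a key this way on Arch, the usual steps (assumed here, not taken from the report) are: generate the keyfile as root with mode 600, add it as a LUKS key slot with `cryptsetup luksAddKey <device> /crypto_keyfile.bin`, list it in the FILES array of /etc/mkinitcpio.conf so it is copied into the image, and regenerate the initramfs. The caveat the check above encodes is that the image then contains the key in the clear: it is only as secret as the /boot filesystem holding it, so this scheme is safe only when /boot sits inside the grub-unlocked LUKS container and the image files themselves are not world-readable.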
Closed by Christian Hesse (eworm)
Saturday, 04 November 2017, 23:06 GMT
Reason for closing: Not a bug
Additional comments about closing: Should work with current code.
It would be great if it could be implemented.