At Mon, 12 Oct 2009 11:12:29 +0200, Ludwig Nussel wrote:

> > Another reason is that tokentube allows for different deployment options: it's
> > possible to configure the system in such a way that the user's auth files (key
> > files) are in fact owned by the user. That's not a common scenario but I've
> > seen environments which required such setups.
>
> Wouldn't that expose the master key to the users?

This is exactly what I thought, too.

> > > Also, as long as you're using local authentication you don't need to
> > > store the password for pam authentication. Should be sufficient to
> > > just reconfigure the displaymanager to auto login the user that
> > > unlocked the root device.

Adding a big amount of complex code to an already working solution raises the chance of putting a security hole into it. And there is also to consider that far from all users are using PAM at all.

Generally, I think the bar for adding complex and new code to cryptographic software should be a hundred times higher than usual, because every line of code raises the possibility of introducing a flaw, which often renders the whole software unusable.

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt