On 04/15/2010 01:30 AM, Arno Wagner wrote: > What I do not see in the current cryptsetup though, is an > option to read the passphrase from stdin, file or named pipe. > That would be a reasonable extension IMO. As mentioned in other mail, it can read passphrase from stdin, also keyfile is supported. But for these types of applications is better use libcryptsetup, you can better control which buffer contain passphrase so you can wipe it. Also locking of memory (avoid to swap out memory with sensitive data) is better controlled through library then in some shell script. An example of code snip to open LUKS device is here http://code.google.com/p/cryptsetup/issues/detail?id=58&can=1#c1 Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
