resending the email with below content to list, didnt check were i sent the email and i ended up sending it not to the list On Thu, Jun 28, 2012 at 7:17 AM, .. ink .. <mhogomchungu@xxxxxxxxx> wrote: >> Passphrase is interactively entered string >> (from real terminal, not stdint), keyfile is everything else. >> > > i know ssh prevents reading passphrase from stdin and demands a "real terminal" > > I have just spent hours googling looking for any security problems > that arise from not caring if the passphrase came from tty,file or > pipe and havent found anything.Any person know of a link i can read up > to get more info?. > > i tried with version 1.5.0 rc1 and 1.3.1 to see how cryptsetup behaves > when it asks for a key interactively while started on a background and > this is what i saw. There seem to be a buffer overflow somewhere. > > [root@mtz sbin]# ./cryptsetup luksOpen /dev/sdc1 xxx & > [3] 29690 > [root@mtz sbin]# Enter passphrase for /dev/sdc1: pp > Usage: pp -t type [-a] [-i input] [-o output] > -t type Specify the input type (must be one of private-key, > public-key, certificate, certificate-request, > pkcs7, crl or name) > -a Input is in ascii encoded form (RFC1113) > -i input Define an input file to use (default is stdin) > -o output Define an output file to use (default is stdout) > > [3]+ Stopped ./cryptsetup luksOpen /dev/sdc1 xxx > [root@mtz sbin]# _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
