Re: Kernel Keyring Service

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am wondering if it could be possible to create a virtual crypto module that is a wrapper for both the key-ring services and other crypto modules. The key would include two components: 1) the id of a key currently resident in the key ring, and 2) the name of the actual crypto module that you want to sit behind the wrapper. Such an approach should allow any kernel component that can use kernel crypto modules to use a key in the kernel keying with any crypto module. 

Is that too simplistic or too kludgy?

Safayet

-----Original Message-----
From: Alasdair G Kergon [mailto:agk@xxxxxxxxxx] 
Sent: Friday, December 12, 2014 8:47 PM
To: Ahmed, Safayet (GE Global Research)
Cc: dm-crypt@xxxxxxxx
Subject: Re:  Kernel Keyring Service

On Fri, Dec 12, 2014 at 04:23:20PM +0000, Ahmed, Safayet (GE Global Research) wrote:
> Is there a way to setup an encrypted partition with keys from the kernel key ring? 

Having an option for device-mapper to access keys by reference instead of directly has been discussed as a desirable future feature for a long time, but as far as I know, nobody's got as far as starting any design discussions yet.

Alasdair

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt




[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux