Re: cryptsetup Yubikey challenge-response support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi JT,

well, you can certainly send answers to me when they are 
finished and I can start building a LUKS 2 section in the 
existing FAQ based on that.

Just remember, it is an FAQ, it is not intended to replace 
the original documentation, it is intended to supplement it.
If anybody wants to write some HOWTOs outside of the FAQ,
that may also be a good idea, especially as an FAQ is not
really suitable to answer complicated question or explain
complex processes.

@everybody: What are the preferences: Separate LUKS 2 FAQ or 
section in the existing FAQ? 

@LUKS 2 team: If you want to do a LUKS 2 FAQ yourself, please 
let me know and I will stay out of it.

Regards,
Arno

On Sat, Apr 11, 2020 at 23:05:36 CEST, JT Moree wrote:
> On Sat, 2020-04-11 at 21:56 +0200, Arno Wagner wrote:
> > If you want to start a LUKS 2 FAQ, be my guest. But be aware 
> > that such a thing is a _lot_ of work before it is anywhere 
> > 
> 
> I am documenting for myself as I figure luks2 out and would be willing
> to contribute to some end user LUKS2 docs.  I have read the spec pdf
> and am still trying to understand how the less used features work
> --hence my presence on this list.
> 
> It seems that quite a few people have posted this month with an
> interest in working on various aspects--mostly smart card related.  If
> someone has specific needs pleaase post to this list.  We will do what
> we can.
> 
> I am building my own LUKS2 questions and answers and will share them as
> I find answers. here are the questions I have so far--some of which we
> have started addressing on this list.
> 
> Questions
> =========
> 
> * it seems like the keyslot area size is not fixed in luks2 spec.  is
> this correct?  what is the default size of keyslot area in the
> reference implementation?  
> 
> * how can I tell if a luks container is already in use before trying to
> open it? what is the best way?  alternatives?
> 
> * what is an unbound keyslot?  How can I use it?
> * what is pbkdf?
> * what are per keyslot parameters?
> * How can I insert JSON data into the LUKS 2 header?
> * How can I extract JSON data from the LUKS 2 header?
> * How can I store binary data in the LUKS 2 header?
> * I see the header is redundant. Is there an automatic recovery?
> * How can I manually recover the luks header if the primary one is
> corrupted?
> 
> 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@xxxxxxxx
> https://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@xxxxxxxxxxx
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
https://www.saout.de/mailman/listinfo/dm-crypt



[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux