On Mon, 2004-07-05 at 20:56, Alan Cox wrote:
> On Mon, Jul 05, 2004 at 07:58:37PM +0200, Nils Philippsen wrote:
> > initrd rather in the normal initscripts so that configuration (which
> > real device gets mapped to what dm device, cipher to be used, key
> > length, ...) is on /etc were possible and _not_ hidden in the initrd.
>
> Without the key you can't get to the rootfs so I am not sure where else
> you would put such things for the interesting cases. Maybe a link would
> be appropriate from /etc (as with grub.conf ?) to files on /boot ?
I don't know whether I understand you correctly:
- with passphrase: key is generated by hashing a passphrase typed in
while booting
- key is a file on a USB stick
The other information or configuration I was referring to is cipher
algos, key lengths, ... for certain devices which can be kept as an
ordinary configuration file beneath /etc.
Nils
--
Nils Philippsen / Red Hat / nphilipp@xxxxxxxxxx
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- B. Franklin, 1759
PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011
Attachment:
signature.asc
Description: This is a digitally signed message part
