Ubuntu Feisty 7.04 - Cryptsetup

Reinhard Tartler siretart at ubuntu.com
Mon Jul 2 11:21:42 BST 2007

James Crocker <mail at james.crocker.name> writes:

> I'm trying to communicate with the maintainers of crypsetup for Ubuntu.
> If you are not the correct party please direct me to the appropriate
> party. Thank you.

I think this list is appropriate, since we don't have a designated list
for cryptsetup in ubuntu (yet). If necessary, we can perhaps create a
team for bughunting and codesharing at some point, but until now, I
think only me, Stéphane Graber and a few others have taken a closer look
at cryptsetup yet.

> I've identified that the current cryptroot scripts are capable of
> utilizing keys on a separate storage device via the options 'key' and
> 'keyscript'. 

Yes, that is mainly because of the debian inheritance of cryptsetup.

In my conversations with Scott James Remnant, it was decided that
cryptsetup should integrate into udev properly. This brings up several
new issues, like the need of finding some way to properly and securly
asking the user for password input. This work is still to be done, until
now, I've applied and reverted various patches to get the best out of
cryptsetup. Currently, we are using the functionality from debian, with
a small patch that quits usplash, becuase the verison in feisty does not
support a sensible password input mechanism (planned for gutsy).

> I've implemented a Two Form factor system authentication utilizing a USB
> CryptKey. Unfortunately, the 'local-top/cryptroot' is unable to process
> a keyscript that requires user input and other i/o redirections. 

> ...

> I've created a community document about Feisty and two form factor key
> setup for whole disk encryption:
> https://help.ubuntu.com/community/FeistyLUKSTwoFormFactor?highlight=%
> 28two%29%7C%28form%29

I need to take a closer look at that. thanks for writing it up, it looks

Reinhard Tartler, KeyID 945348A4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 213 bytes
Desc: not available
Url : https://lists.ubuntu.com/archives/ubuntu-motu/attachments/20070702/f1bdb903/attachment.pgp 

More information about the Ubuntu-motu mailing list