[dm-crypt] Verify LUKS password

Marcos Barbosa marcosestevesbarbosa at gmail.com
Tue Nov 29 19:33:22 CET 2011


There's a function in a shared library to check the password? A function to
pass the password and return is is correct or not.

2011/11/29 Arno Wagner <arno at wagner.name>

> On Tue, Nov 29, 2011 at 06:40:18PM +0100, Yves-Alexis Perez wrote:
> > On mar., 2011-11-29 at 18:31 +0100, Arno Wagner wrote:
> > > If you actually want to remove the LUKS mapping (i.e. "close" the
> > > LUKS container) when the screen safer engages and remap the LUKS
> > > container when the screensaver is unlocked, then this is complicated.
> > > It mau also not be what you want, given that unmapping the LUKS
> > > container with open files is eiter not possible or can result in
> > > arbitrary data corruption (I have not tried it). So you would
> > > need to do something like this on screenlocker-engage:
> > >
> > > 1. Determine all open files in the LUKS container
> > > 2. Terminate all applications that have these files open
> > > 3. Unmount the LUKS container and verify it did unmount.
> > >    If unmount fails, go to 1. (An application could have opened
> > >    a file in between...) Maybe you can also do a ro remount first.
> > > 4. Unmap the LUKS container.
> > >
> > > Now, this would need to be somehow script-driven from the
> > > screensaver. Whether automated application clsoe is a good idea
> > > depends very much on the situation and is generally _not_ a good
> > > idea.
> > >
> >
> > What about luksSuspend operation?
>
> Well, maybe. If _all_ used applications can deal with
> I/O calls to take forever.
>
> Arno
> --
> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> arno at wagner.name
> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25
> 338F
> ----
> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
>
> If it's in the news, don't worry about it.  The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>



-- 
Marcos Barbosa <marcosestevesbarbosa at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20111129/8a340c64/attachment.html>


More information about the dm-crypt mailing list