[dm-crypt] Option "validate passphrase" for command cryptsetup

ken gebser at mousecar.com
Tue Jun 19 18:20:46 CEST 2012


On 06/19/2012 10:56 AM Matthias Schniedermeyer wrote:
> On 19.06.2012 16:17, Milan Broz wrote:
>> On 06/19/2012 03:54 PM, Thomas Bächler wrote:
>>
>>> I find the option name --without-activation to be quite long and hard to
>>> type. Is there any reason why you didn't choose '--dry-run' as you first
>>> suggested?
>>
>> Actually I wrote --dry-run, --no-activate, --no-activation, --without-activation
>> on paper ... and then asked someone here what's the best:)
>>
>> Well, I think this option will be rarely used and I guess it is mainly for use
>> in scripts. Option name says exactly what it is doing.
>
> It says what technically happens, not was is the intent of using said
> option. (You have to read the man-page, at least in the git-version of a
> few minutes ago the intent is right after the technicallity)
>
> I think intent is much easier to understand.
>
> So i'd vote for: --test-passphrase

I'd agree, especially since the entire command would then read:

cryptsetup luksOpen /dev/sdc x --test-passphrase -T 1

To read in documentation, on the other hand:

cryptsetup luksOpen /dev/sdc x --without-activation -T 1

I would be asking, "What is not being activated?"  So it's very 
ambiguous.  On the other hand, "--test-passphrase" is much clearer, much 
easier to understand.

Would there still be a delay between invocations?





More information about the dm-crypt mailing list