[dm-crypt] Option "validate passphrase" for command cryptsetup
jonas at freesources.org
Tue Jun 19 18:46:18 CEST 2012
Am 19.06.2012 18:14, schrieb Milan Broz:
> On 06/19/2012 05:04 PM, jonas wrote:
>> if I'm not wrong, one difference between Louis' suggestion and the way
>> you implemented it is, that the former works with active devices, and
>> the latter doesn't, right?
> No, it is exactly the same. It works even for active devices.
> (Check for active device is later.)
great to hear that I was wrong ;)
>> I like the idea of a --dry-run option which works for all commands,
>> just like a simulation mode. But as well I like the idea of a command
>> for key validation, which takes the same commandline options as
>> luksOpen, and simply verifies whether the given key (passphrase,
>> keyfile, whatever) is valid.
> Well, universal --dry-run is nice idea but I am not going to implement it now.
> (and I would perhaps do it differently - do everything as is except final
> on-disk metadata update or in-kernel device change.)
Now that my concerns above are proved wrong I don't consider support for
global --dry-run option that important anymore.
> Well, I have local commit renaming this luksOpen option to --test-passphrase.
> If there are no other suggestions for today, I'll commit it.
> (grumbling something about bikeshedding :-)
To make it even worse: I don't consider --test-passphrase a good name
for the option. But I don't care that much about names either.
More information about the dm-crypt