[dm-crypt] Empty key files vs empty passwords in plain mode

Quentin Lefebvre qlefebvre_pro at yahoo.com
Sun Nov 23 13:44:55 CET 2014


Hi,

Any idea about that?
Maybe there's a better place to discuss development issues?

Best regards,
Quentin

Le 19/11/2014 22:24, Quentin Lefebvre a écrit :
> Hi,
>
> I experienced some troubles recently with Debian's cryptsetup package
> (testing version), which version is 1.6.6.
> I found out that empty key files get refused by cryptsetup, for example:
> cat empty_file | cryptsetup --debug --key-file=- open --type plain
> /test1.loop test1
> gets rejected.
> The debug output directly leads to a test in utils_crypt.c that, I
> think, should be removed.
>
> Indeed, empty passwords are accepted, so it make sense to accept also
> empty inputs.
> Especially in Debian, where cryptdisks_start script calls:
> /lib/cryptsetup/askpass | cryptsetup --key-file=- open --type [type]
> [src] [dst]
>
> What do you think about this issue?
> Shall I send a patch for that?
>
> Best regards,
> Quentin
>
> PS: I checked against the git version, the problem is not solved and
> actually exactly the same.


More information about the dm-crypt mailing list