[dm-crypt] OPENSSL / PKCS#12/10

Arno Wagner arno at wagner.name
Mon Jan 11 17:22:40 CET 2010


On Sun, Jan 10, 2010 at 10:22:28PM +0100, Fran?ois Chenais wrote:
> Hello,
> 
> Actually, dm-crypt uses stdin and file for password input.
> 
> Is there any plan to add the option of using external
> gpg/RSA/pkcs#12/pkcs#10 files ?
> 
> The idea is to use an crypted file stored on an external device (USB KEY,
> token...)

You can already do that by using a named pipe as file (or stdin)
and then having a preprocessor that decrypts the encrupted key file
to this pipe. This is actually the preferred way, as it keeps the 
complexity of cryptsetup low.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 


More information about the dm-crypt mailing list