[dm-crypt] OPENSSL / PKCS#12/10
francois.chenais at gmail.com
Mon Jan 11 20:13:40 CET 2010
2010/1/11 Arno Wagner <arno at wagner.name>
> On Sun, Jan 10, 2010 at 10:22:28PM +0100, Fran?ois Chenais wrote:
> > Hello,
> > Actually, dm-crypt uses stdin and file for password input.
> > Is there any plan to add the option of using external
> > gpg/RSA/pkcs#12/pkcs#10 files ?
> > The idea is to use an crypted file stored on an external device (USB KEY,
> > token...)
> You can already do that by using a named pipe as file (or stdin)
> and then having a preprocessor that decrypts the encrupted key file
> to this pipe. This is actually the preferred way, as it keeps the
> complexity of cryptsetup low.
Something like this ?
openssl pkcs12 -in file.p12 -nodes -nocerts | cryptsetup ...
> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> arno at wagner.name
> GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25
> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> If it's in the news, don't worry about it. The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> dm-crypt mailing list
> dm-crypt at saout.de
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dm-crypt