[dm-crypt] Verify LUKS password
marcosestevesbarbosa at gmail.com
Tue Nov 29 19:33:22 CET 2011
There's a function in a shared library to check the password? A function to
pass the password and return is is correct or not.
2011/11/29 Arno Wagner <arno at wagner.name>
> On Tue, Nov 29, 2011 at 06:40:18PM +0100, Yves-Alexis Perez wrote:
> > On mar., 2011-11-29 at 18:31 +0100, Arno Wagner wrote:
> > > If you actually want to remove the LUKS mapping (i.e. "close" the
> > > LUKS container) when the screen safer engages and remap the LUKS
> > > container when the screensaver is unlocked, then this is complicated.
> > > It mau also not be what you want, given that unmapping the LUKS
> > > container with open files is eiter not possible or can result in
> > > arbitrary data corruption (I have not tried it). So you would
> > > need to do something like this on screenlocker-engage:
> > >
> > > 1. Determine all open files in the LUKS container
> > > 2. Terminate all applications that have these files open
> > > 3. Unmount the LUKS container and verify it did unmount.
> > > If unmount fails, go to 1. (An application could have opened
> > > a file in between...) Maybe you can also do a ro remount first.
> > > 4. Unmap the LUKS container.
> > >
> > > Now, this would need to be somehow script-driven from the
> > > screensaver. Whether automated application clsoe is a good idea
> > > depends very much on the situation and is generally _not_ a good
> > > idea.
> > >
> > What about luksSuspend operation?
> Well, maybe. If _all_ used applications can deal with
> I/O calls to take forever.
> Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email:
> arno at wagner.name
> GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25
> Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
> If it's in the news, don't worry about it. The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> dm-crypt mailing list
> dm-crypt at saout.de
Marcos Barbosa <marcosestevesbarbosa at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dm-crypt