Closed dan-saba closed 2 years ago
At the moment this project is experimental and the tools are meant for usage in isolated lab environments. I can look into adding an option that allow you to pass credential via a password prompt. Note that this is not one of my highest priorities.
This is not a proper long-term solution, but I made libcmdsdaskpass.so to get around this for the time being (on Linux).
LD_PRELOAD=libcmdsdaskpass.so fvdemount -p '$(systemd-ask-password --id=fvdemount --keyname=cryptsetup --accept-cached)' ...
The password doesn't show up in /proc/.../cmdline
but the program is executed as if it were there. You can probably modify it to suit your needs.
Password related changes integrated in 86e0c5b, closing issue
I noticed that fvdemount will display the partition's password in the process list (which can be seen by any user), as it is taken as a parameter when mounting. Can this security issue be corrected in a future release?