therealromster / cryptsetup

Automatically exported from code.google.com/p/cryptsetup
GNU General Public License v2.0
0 stars 0 forks source link

Display password on screen #246

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Hello,

I was told this was the place to make feature requests for LUKS boot loader.

I use LUKS to encrypt my disk. And of course, I use a long password in order to 
ensure it can't be easily brute-forced. But what annoys me is that, since the 
password is long, there's a big chance I'll make some typo.

OTOH, 99% of the time I'm typing this password there's no one around that could 
see it. So if there was an option to simply display the password, I could 
easily fix the typo and save me time.

Would it be possible to implement such feature? I'd greatly appreciate it! And 
I think it would also help everyone who wants to follow good security practices 
and have long passwords.

Thank you!

Original issue reported on code.google.com by cave...@gmail.com on 2 Mar 2015 at 2:55

GoogleCodeExporter commented 9 years ago
Well, I do not think this will help security at all :) Do not forget that it 
could be logged to boot log or whatever collects the program outputo.

Moreover, the problem is that in most distros, it is not cryptsetup that ask 
for password, it is some wrapper or tool (like plymouth). So even weadd this to 
cryptsetup it will not solve your problem.

And if you want, you can easily implement it in bash script (for example):
  read PWD; echo "Password is $PWD"; echo $PWD | cryptsetup luksOpen <dev> <name>
(or replace read command with something more sophisticated).

Original comment by gmazyl...@gmail.com on 9 Mar 2015 at 2:30

GoogleCodeExporter commented 9 years ago
Okay, so it's not here that I should make the request.

I use Kubuntu. Do you know what piece of software is the one that displays the 
input field during boot? Where should I make my request to have a simple 
checkbox "Display password"?

I suppose to use your script solution I'd have to boot on command line or 
something, right?

Original comment by cave...@gmail.com on 9 Mar 2015 at 2:50

GoogleCodeExporter commented 9 years ago
No idea what is used in Kubuntu. Just try to report them bug, you will see.

Cryptsetup can take passwords on stdin so you can build any wrapper, not only 
for commandline.

Original comment by gmazyl...@gmail.com on 9 Mar 2015 at 3:10

GoogleCodeExporter commented 9 years ago
Okay, thank you. I guess I need to find what's Kubunt's wrapper then.

Original comment by cave...@gmail.com on 9 Mar 2015 at 3:12