
Bug#723729: partman-crypto: LUKS master key is read from /dev/urandom



On Thu, Sep 19, 2013 at 6:57 PM, Christian PERRIER <bubulle@debian.org> wrote:
> Quoting Thiemo Nagel (thiemo.nagel@gmail.com):
>
>> 2. In case the job doesn't return within a couple of seconds, instruct
>>    the user to a) either press keys until enough entropy has been
>>    gathered or b) select "Cancel" and continue in unsafe manner. If the
>
>
> Don't we have such things?
>
> I'm sure I translated screens where users are prompted to type keys,
> move the mouse and do other stuff in order to generate entropy.

I faintly remember something like that, too. But I can't see it in the
code. Have a look at (what I believe to be) the relevant snippet in
setup_luks() from crypto-base.sh:

    log-output -t partman-crypto \
    /sbin/cryptsetup -c $cipher-$iv -s $size luksFormat $device $pass
    if [ $? -ne 0 ]; then
        log "luksFormat failed"
        return 2
    fi
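
The wait-then-prompt step from the quoted point 2, sketched as an added example; it is not part of the original message and not partman-crypto code. The names `wait_for_entropy`, `entropy_decision` and `ENTROPY_FILE`, and the threshold and timeout values passed to them, are assumptions made for illustration.

```shell
# Added example, not from crypto-base.sh. All names below are hypothetical.
# The kernel's entropy estimate is read from this file (overridable for testing).
ENTROPY_FILE=${ENTROPY_FILE:-/proc/sys/kernel/random/entropy_avail}

# wait_for_entropy NEEDED_BITS TIMEOUT_SECONDS
# Returns 0 once the estimate reaches NEEDED_BITS,
# 1 if TIMEOUT_SECONDS elapse first, 2 if the estimate cannot be read.
wait_for_entropy() {
    needed=$1
    timeout=$2
    waited=0
    while :; do
        avail=$(cat "$ENTROPY_FILE" 2>/dev/null) || return 2
        case $avail in
            ''|*[!0-9]*) return 2 ;;   # empty or non-numeric content
        esac
        [ "$avail" -ge "$needed" ] && return 0
        [ "$waited" -ge "$timeout" ] && return 1
        sleep 1
        waited=$((waited + 1))
    done
}

# entropy_decision NEEDED_BITS TIMEOUT_SECONDS
# Prints what the caller should do before running luksFormat:
#   proceed - enough entropy was available within the timeout
#   prompt  - ask the user to press keys or to cancel and continue
#   unknown - the estimate could not be read
entropy_decision() {
    rc=0
    wait_for_entropy "$1" "$2" || rc=$?
    case $rc in
        0) echo proceed ;;
        1) echo prompt ;;
        *) echo unknown ;;
    esac
}
```

A caller would run `entropy_decision` before the `cryptsetup ... luksFormat` call shown above and only show the key-press screen when it prints `prompt`.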

