Bug#478598: partman-crypto: problems with using random keys

To: 478598@bugs.debian.org
Subject: Bug#478598: partman-crypto: problems with using random keys
From: Frans Pop <elendil@planet.nl>
Date: Sun, 4 May 2008 12:15:42 +0200
Message-id: <[🔎] 200805041215.43144.elendil@planet.nl>
Reply-to: Frans Pop <elendil@planet.nl>, 478598@bugs.debian.org
In-reply-to: <[🔎] 20080503232201.GD24890@chaos.nusquama.org>
References: <200804300104.36249.elendil@planet.nl> <[🔎] 200805032256.31848.elendil@planet.nl> <[🔎] 20080503232201.GD24890@chaos.nusquama.org>

severity 478598 minor
clone 478598 -1
retitle 478598 partman-crypto: make clearer that changing method resets defaults
reassign -1 installation-guide
retitle -1 encrypted partitioning: better document what user input may be needed
thanks

On Sunday 04 May 2008, Max Vozeler wrote:
> > Does that mean that I should not have been shown *either* of the two
> > dialogs (passphrase and random typing) with the "incorrect" method?
>
> No. By switching encryption methods, you got the default of the
> selected method (loop-AES), which is keyfile. It involves asking
> for a passphrase and getting random input.

OK.

> > Should cdebconf-entropy be used only with dm-crypt?
>
> No. Here is a table to clear up any misunderstandings:
>
>   Method     |  Type          | Key generation
>   ------------------------------------------------------
>   dm-crypt   |  passphrase    | persistent key from /dev/urandom, wrapped
>              |                | with passphrase
>   dm-crypt   |  random        | volatile key from /dev/random
>   loop-AES   |  keyfile       | persistent key from /dev/random, wrapped
>                                 with GnuPG
>   loop-AES   |  random        | volatile key from /dev/urandom

Ah. I have never even come close to being aware that loop-AES + keyfile
required both. I think having this table in the manual would help too.

> > > FWIW, the partman dialog should reflect the reset keytype after
> > > switching the encryption type.
> >
> > IIRC it did not. My test should be trivial to reproduce though.
>
> It does - I just verified it.

Yes, you're right. I see it too now. I wonder how that could be improved
from a usability PoV because it's not obvious.
One option could be to add a separator below Encryption method. That would
make it somewhat clear that it's an option that's on a different "level"
than the others. Hmm, maybe we should do the same below "Use as" too. If
we do that Use as and Encryption method could probably be kept together.

OK. So it seems there is no real bug, just a minor usability issue.
Thanks for the explanations Max. At least it's gotten some extra testing.

BTW, I think the fact that I needed to generate more entropy could be due
to changes in the kernel. I seem to remember reading that they've become
more strict on entropy sources.

Cheers,
FJP

Reply to:

Follow-Ups:
- Bug#479394: encrypted partitioning: better document what user input may be needed
  - From: Frans Pop <elendil@planet.nl>

References:
- Bug#478598: partman-crypto: problems with using random keys
  - From: Frans Pop <elendil@planet.nl>
- Bug#478598: partman-crypto: problems with using random keys
  - From: Max Vozeler <xam@debian.org>

Prev by Date: Bug report: installer messed up mdadm.conf
Next by Date: Bug#479325: cdebconf-gtk-entropy: minor usability issues
Previous by thread: Bug#478598: partman-crypto: problems with using random keys
Next by thread: Bug#479394: encrypted partitioning: better document what user input may be needed
Index(es):
- Date
- Thread