[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Unlock LUKS with login/password

On Mar 08, Alexey Kuznetsov <kuznetsov.alexey@gmail.com> wrote:

> 1) grub can ask for a login/password, then MD5 the text and unlock the LUKS
Forget about this part: encrypted /boot/ is pointless from a security 
point of view and this complexity does not belong in the boot loader.

Once you accept this then you will end up with a design very similar to 
https://www.freedesktop.org/wiki/Specifications/login-unlock/ .

So you would need to implement having Plymouth or whatever else storing 
the credentials in the kernel keyring and then probably a PAM module 
that will make them available to the rest of the stack (notably 


Attachment: signature.asc
Description: PGP signature

Reply to: