Re: systemd and plymouth not caching LUKS passphrase

To: debian-user@lists.debian.org
Subject: Re: systemd and plymouth not caching LUKS passphrase
From: Ramon Diaz-Uriarte <rdiaz02@gmail.com>
Date: Wed, 22 Jun 2016 20:57:19 +0200
Message-id: <[🔎] 87mvmdgigg.fsf@gmail.com>
In-reply-to: <[🔎] 20160622105527.GA10913@chew.redmars.org>
References: <[🔎] 87a8iditki.fsf@gmail.com> <[🔎] 20160622105527.GA10913@chew.redmars.org>

On Wed, 22-06-2016, at 12:55, Jonathan Dowland <jmtd@debian.org> wrote:
> Hi,
>
>
> On Wed, Jun 22, 2016 at 09:14:21AM +0200, Ramon Diaz-Uriarte wrote:
>> It is my understanding that both systemd per se starting on v227 and
>> plymouth will cache passwords[1]. However, there is no caching of LUKS
>> passwords in my setting, a laptop with two encrypted partitions,
>> corresponding to root and swap, and where both share the passphrase.
> snip
>> I wonder if there is something I need to set/unset, or if I need to create
>> some (which?) script in /etc/systemd/system. 
>
> Looking at the manpage[1], it would appear you need to specify the argument
> "--keyname=somename" to the systemd-ask-password process in order for it to
> try and cache the passphrases. You would need to use the same keyring name
> for each invocation and the subsequent invocations need to also have
> --accept-cached.
>
> At boot time you aren't invoking systemd-ask-password yourself, so we need
> to figure out what calls it and how to configure *that* to pass the keyname
> argument through.
>
> I haven't tested it, but if you copy and override
> /lib/systemd/system/systemd-ask-password-console.service to /etc/systemd/system
> and add the two arguments, that might work. (you might also need to regenerate
> the initramfs).


Thanks, but it does not seem to work.

- I copied /lib/systemd/system/systemd-ask-password-console.service to
  /etc/systemd/system (i.e., it is not a symlink)

- I added --keyname=cryptsetup --accept-cached at the end of ExecStart

- Regenerated initramfs

- s2disk and then boot. I am still asked for both passwords.


- Note I am not using plymouth at the moment, but I understand this should
  work without plymouth.

Best,,,



>
>
> [1] https://www.freedesktop.org/software/systemd/man/systemd-ask-password.html#


-- 
Ramon Diaz-Uriarte
Department of Biochemistry, Lab B-25
Facultad de Medicina
Universidad Autónoma de Madrid 
Arzobispo Morcillo, 4
28029 Madrid
Spain

Phone: +34-91-497-2412

Email: rdiaz02@gmail.com
       ramon.diaz@iib.uam.es

http://ligarto.org/rdiaz

Reply to:

Follow-Ups:
- Re: systemd and plymouth not caching LUKS passphrase
  - From: Jonathan Dowland <jmtd@debian.org>

References:
- systemd and plymouth not caching LUKS passphrase
  - From: Ramon Diaz-Uriarte <rdiaz02@gmail.com>
- Re: systemd and plymouth not caching LUKS passphrase
  - From: Jonathan Dowland <jmtd@debian.org>

Prev by Date: Re: USB printer CUPS stalls on "Sending data to printer"
Next by Date: Re: jessie won't install/boot on a Dell Poweredge R815
Previous by thread: Re: systemd and plymouth not caching LUKS passphrase
Next by thread: Re: systemd and plymouth not caching LUKS passphrase
Index(es):
- Date
- Thread