Re: LUKS password gets printed as stars
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, Dec 18, 2017 at 06:41:00PM +0530, root kea wrote:
> Hello!
>
> I am using LUKS on LVM on Debian Stretch. I have encrypted /home and
> swap partition. When initram gets loaded it asks for password to
> decrypt swap partition. That passowrd doesn't get printed to screen.
> No stars. Nothing.
>
> But After which Kernel gets loaded (I think) and it asks password for
> /home which gets printed as stars. I'm really worried about this. Here
> is a screenshot https://imgur.com/bC4AF6H
This looks like two different programs at work for asking your password.
At early time (your swap case), it's probably the "naked" cryptsetup,
which doesn't show any stars (for me, that's always, since I always
use "naked" cryptsetup). Later on (for your /home partition), init
has taken over and is probably calling cryptsetup on your behalf,
possibly using something else to collect the passphrase from you.
My crystal ball says you're using systemd. It seems that it has a
special "unit" to mount encrypted file systems [1], which may call
into one of several password agents [2]. If this hunch is correct,
you may start with [2], find out which agent you are talking to
and perhaps reconfigure it in the way you like.
I haven't systemd over here, so that's all advice I can muster up.
Perhaps someone more knowledgeable can chime in.
> PS - while replying please CC me as I'm not subscribed to debian-users.
Done.
Cheers
[1] https://www.linux.org/docs/man8/systemd-cryptsetup.html
[2] https://www.freedesktop.org/wiki/Software/systemd/PasswordAgents/
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlo3yNkACgkQBcgs9XrR2kYl4QCfcSMMdkBxTR/k4vYUVms/EFD+
tq0AnRFbM6JD4/wsym3UDdboak20AIfp
=6JGh
-----END PGP SIGNATURE-----
Reply to: