Re: LUKS password gets printed as stars
On 2017-12-20, root kea <rootkea@gmail.com> wrote:
> On Wed, Dec 20, 2017 at 3:18 AM, Jonathan Dowland <jmtd@debian.org> wrote:
>> On Wed, Dec 20, 2017 at 12:15:36AM +0530, root kea wrote:
>
>>> And I just filed a bug report [0]. if anybody interested they can
>>> follow the discussion there.
>>>
>>> [0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884788
>>
>>
>> In this case I think you would have much more luck in at least getting
>> a discussion of the various merits of each approach, if not a change of
>> behaviour, by posting to the systemd-devel mailing list[1]
>
> Thanks for the suggestion! I just posted about "`systemd-ask-password`
> echoing stars(*) by default" on systemd-devel ML. [0]
>
> I genuinely hope that they change this default behavior.
I thought we wanted it to be configurable because it is currently not
configurable (through ordinary command-line means, short of
recompilation). Don Armstrong explained the rationale behind making
echoed "stars" the default and opining that a bug report with patch
would be welcome.
Now we want to change the default. Give them the moon, and they want the
stars, too!
Also, I'm uncertain whether suppression of the asterisk-echo qualifies
as "security by obscurity" (actually, that expression is almost
exclusively pejorative in my experience) as you claim in exposing your
reasoning in the article linked below.
> [0]
> https://lists.freedesktop.org/archives/systemd-devel/2017-December/040023.html
--
"An autobiography is only to be trusted when it reveals something disgraceful.
A man who gives a good account of himself is probably lying, since any life
when viewed from the inside is simply a series of defeats."
— George Orwell
Reply to: