when using debian/ubuntu, you can use so called keyscripts to return the actual key, which is then piped to cryptsetup. The 'key' is then just a paramter for the script. e.g.: key="foo" keyscript="/lib/cryptsetup/scripts/decrypt_derived" will do basically this: $keyscript "$key" | cryptsetup --key-file=- luksOpen ... this is extremely handy, if you don't have a real keyfile somewhere, but want to calculate it somehow (the decrypt_derived script gets the key from an already unlocked LUKS device via dmsetup table). But the current /etc/init.d/dmcrypt init-script don't support this. You can only specify a real keyfile. It would be nice to add 'keyscript' support. Shouldn't be a problem. Just add a new keyword 'keyscript', and if specified, use the method described above. Don't forget to use "$key" as a parameter for $keyscript. thanks! Reproducible: Always
You forgot to assign the bug report? Try base-system@
changed "assigned to".
any news?
well, it would be nice to get at least a comment... I feel ignored... :-/
ping
*** Bug 380795 has been marked as a duplicate of this bug. ***
sample patch here: https://bugs.gentoo.org/attachment.cgi?id=285027
*** Bug 344409 has been marked as a duplicate of this bug. ***
I'm in the systemd camp these days, so this issues has sort of lost relevance to me :/