596392 – sys-kernel/genkernel-next initramfs should try to use passphrase when root_key doesn't work

Bug 596392 - sys-kernel/genkernel-next initramfs should try to use passphrase when root_key doesn't work

Summary: sys-kernel/genkernel-next initramfs should try to use passphrase when root_ke...

Status:	RESOLVED OBSOLETE

Alias:	None

Product:	Gentoo Hosted Projects
Classification:	Unclassified
Component:	genkernel-next (show other bugs)
Hardware:	All Linux

Importance:	Normal enhancement (vote)
Assignee:	Ettore Di Giacinto (RETIRED)

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2016-10-07 03:32 UTC by Lee Starnes
Modified:	2020-08-20 12:51 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Lee Starnes 2016-10-07 03:32:56 UTC

genkernel initramfs should allow users to enter a passphrase for encrypted devices even when root_key is specified but the key it references cannot be found.

Currently, if root_key is given but the key can't be found, the initramfs will ask the user to insert a device that has the matching key and wait up to 10 seconds. If it still cannot find the key after 10 seconds, the initramfs will skip trying to open the encrypted volumes.

Both dracut's crypt module and Arch's mkinitcpio encrypt hook will fall back to using passphrases if they fail to load a keyfile.

A possible workaround that works with genkernel initramfs would be to have two boot entries: one that has root_key set and tries to use a keyfile, and one that does not have root_key set and tries to use a passphrase.

I am currently using =sys-kernel/genkernel-next-64.

Comment 1 Michał Górny archtester

2020-08-20 12:51:01 UTC

Package removed.