54982 – RFE: cryptsetup: Please provide functionality similar to decrypt_keyctl

Bug 54982 - RFE: cryptsetup: Please provide functionality similar to decrypt_keyctl

Summary: RFE: cryptsetup: Please provide functionality similar to decrypt_keyctl

Status:	RESOLVED FIXED

Alias:	None

Product:	systemd
Classification:	Unclassified
Component:	general (show other bugs)
Version:	unspecified
Hardware:	Other All

Importance:	medium enhancement
Assignee:	systemd-bugs
QA Contact:	systemd-bugs

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2012-09-16 09:39 UTC by Maik Zumstrull
Modified:	2017-09-14 08:40 UTC (History)
CC List:	0 users

See Also:
i915 platform:
i915 features:

Attachments

Description Maik Zumstrull 2012-09-16 09:39:33 UTC

Debian's cryptsetup packaging provides decrypt_keyctl, a key management script that allows the user to specify that several LUKS devices use the same passphrase that should only be requested once during boot.

To this end, a keyphrase successfully used to unlock a device is stored in the secure kernel keyring for 60 seconds, and then automatically used to unlock any other devices that come up in that time.

Please provide similar functionality in systemd's cryptsetup handling.

Comment 1 Lennart Poettering 2017-09-14 08:40:37 UTC

systemd-cryptsetup has been storing the collected key for a while now in the kernel keyring. Closing.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.