Max Vozeler <x...@debian.org> (2014-07-30): > On Wed, Jul 30, 2014 at 11:23:28AM +0200, Raphael Hertzog wrote: > > I have been using this patch in Kali (on top of wheezy's > > partman-crypto), it would be nice to have this patch merged in time > > for Jessie. > > > > Dimitrijs, Max or Christian? (You ar listed in Uploaders) > > Two things come to my mind: > > - The feature should have some documentation to explain to users > that any preseeded passphrase is to be considered insecure and must > be changed after installation, like Olaf suggested perhaps the > preseeding template could be a good place.
I think I'll go for a comment in partman-crypto's templates file for now. I still have to double check how the example preseed file is maintained, to make sure it contains said warning. > - I have a vague memory of needing to clear the template value for > partman-crypto/passphrase (and passphrase-again) to ensure the > passphrase does not end up in the debconf database of the installed > system. Could you verify if this is (still?) true? I'm also verifying this. Mraw, KiBi.
signature.asc
Description: Digital signature
