Le 08/03/2023 à 16:28, Alexey Kuznetsov a écrit :
Hello!
I have an idea about how modern linux should work with encrypted LUKS
partitions.
Hi,
I'm using LUKS for a long time on both my personal (desktop) and
professional (laptop) computers. Since they are single user (me), I use
autologin in the display manager, lightdm in my case. Because there is
only one slot configured in LUKS, I'm sure this is me, so lightdm can
autologin safely.
However, you are proposing to solve the case for multiple user
computers. In that case, I would think about a much simpler design:
- Remember which slot was used to unlock the LUKS root partition
- Make a map with slot -> user to autologin
- Autologin that user on boot
No more passing password, no more password update headache. But only a
root user can update the map "slot -> user".
Adrien
