On 03/21/2011 12:43 PM, Richard W.M. Jones wrote: > Off the same topic, I'd love a way to have a "key server" on my > network that machines can grab their keys from at boot. Obviously I > would then work on physically securing / hiding the key server so that > no one could steal it ...
I think there are many possible improvements. I filed a bug with um F14 with a patch for the initscripts that would fallback to a password when the configured key wasn't around. I thought it would also be nice to have other options such as 'run X to get the key' etc. Ultimately the initscript change was rejected as F15 is going to systemd making it somewhat moot. Though I haven't looked at how systemd handles encrypted partitions -- Nathanael d. Noblet t 403.875.4613 -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
