Hi, Ellen Papsch <ellen.pap...@wine-logistix.de> skribis:
> Am Samstag, den 04.04.2020, 12:18 +0200 schrieb pelzflorian (Florian > Pelz): >> Could key files help in passing the passphrase on to the >> Linux kernel? The Arch Wiki says this: [...] >> > > The key file would be another means of decrypting the master key, if I > understand LUKS correctly. It would be independent of the passphrase. > (In LUKS terminology, two slots are used). > > It would definitely help usability not having to enter a passphrase > twice. The GUI/TUI installer should take care generating the file and > ensuring strict permissions, so user processes cannot read it. There is > still some risk, because root processes could read it. If the installer > would support an external medium for the file, that would be best > (IMHO). The difficulty is that any file traveling through the store is world-readable. It’s hard to avoid. Ludo’.
