On Tue, Apr 7, 2020, at 9:46 AM, Ludovic Courtès wrote:

> The difficulty is that any file traveling through the store is
> world-readable. It’s hard to avoid.

If we can create the key file outside of the store, then GRUB is capable of being passed multiple initrds. So we can put the key in its own initrd (outside of the store), continue to generate the normal initrd in /gnu/store, and pass both of them to GRUB. The key never enters the store in any way. The result is that the user only needs to enter a password into GRUB, because GRUB then passes the key file to the kernel.

-- 
Alex Griffin
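The arrangement Alex sketches (a separate key-only initrd alongside the store-generated one, both handed to GRUB) as an added example; this is not code from the thread or from Guix. It assumes the key is wanted at `/crypto_keyfile.bin` inside the initramfs, that the key archive is written somewhere outside /gnu/store that GRUB has already unlocked (so its 0600 mode and location are what keep it private), and the store paths in the usage are placeholders.

```sh
#!/bin/sh
# Added example (not from the thread): pack a LUKS key file into its own
# newc cpio archive and emit the GRUB lines that pass it as a second initrd.
# Paths and the in-initrd key name are assumptions.
set -eu

# Build a cpio archive containing only the key.
#   $1 = key file on disk (must not live in /gnu/store)
#   $2 = output archive, e.g. /boot/key.cpio (outside the store)
#   $3 = path of the key inside the initramfs (default: crypto_keyfile.bin)
# The whole body runs in a subshell so umask/cd do not leak to the caller.
build_key_initrd() (
  key="$1"; out="$2"; inner="${3:-crypto_keyfile.bin}"
  umask 077                      # nothing created here is group/world readable
  tmp=$(mktemp -d)
  mkdir -p "$tmp/$(dirname "$inner")"
  install -m 0600 "$key" "$tmp/$inner"
  # Include directory entries so the kernel's initramfs unpacker can create
  # parent directories; newc is the format Linux expects.
  (cd "$tmp" && find . -mindepth 1 | cpio -o -H newc 2>/dev/null) > "$out"
  chmod 0600 "$out"
  rm -rf "$tmp"
)

# Emit a GRUB menu-entry body: one `initrd` command with both archives.
# GRUB concatenates them and the kernel unpacks both, so the key appears in
# the initramfs without ever having been a store item.
#   $1 = kernel image, $2 = store initrd, $3 = key initrd, $4 = kernel cmdline
grub_stanza() {
  kernel="$1"; store_initrd="$2"; key_initrd="$3"
  cmdline="${4:-root=/dev/mapper/root}"   # assumed root mapping
  printf 'linux %s %s\ninitrd %s %s\n' \
    "$kernel" "$cmdline" "$store_initrd" "$key_initrd"
}

# Usage (placeholder store paths):
#   build_key_initrd /root/luks.key /boot/key.cpio
#   grub_stanza /gnu/store/HASH-linux-libre/bzImage \
#               /gnu/store/HASH-raw-initrd/initrd.cpio.gz /boot/key.cpio
```

The archive and the key it holds are only as private as the filesystem they sit on, which is why the thread ties this to a GRUB password: GRUB reads /boot from the encrypted volume after the user unlocks it, and the store-generated initrd stays world-readable as before because it no longer contains anything secret.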