Public bug reported:
Steps to reproduce:
1. Install the Ubuntu in OEM mode with Encryption and LVM (*passphrase1* was
entered, it is known by administrator or manufacturer)
2. Boot installed system with temporary OEM account
3. Click "Prepare for shipping to end user" icon on desktop
4a. Ship device to the end user forgetting to give him/her the *passphrase1*.
4b. Ship device to the end user with *passphrase1* (which really secret)
written in somewhere
Expected results:
User is able to boot device without encryption and then set his/her own
*passphrase* on first boot via OEM Config wizard
Actual results:
a. user can't decrypt drive if he/she do not know the *passphrase1*
b. user can decrypt the drive with known *passphrase1* but is concerned that
someone else knows it.
** Affects: oem-config (Ubuntu)
Importance: Undecided
Status: New
** Affects: ubiquity (Ubuntu)
Importance: Undecided
Status: New
** Tags: bionic disco eoan oem-config xenial
** Also affects: oem-config (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1842187
Title:
for privacy and security reasons oem-config should allow to change
security key for disk encryption by the end-user
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/oem-config/+bug/1842187/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
