[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Password and key
|
From: |
Garreau\, Alexandre |
|
Subject: |
Re: Password and key |
|
Date: |
Tue, 28 Oct 2014 23:53:32 +0100 |
|
User-agent: |
Gnus (5.13), GNU Emacs 24.3.1 (i586-pc-linux-gnu) |
On 2014-08-27 at 17:22, Andrei Borzenkov wrote:
> On Wed, 27 Aug 2014 13:29:17 +0200 Garreau, Alexandre wrote:
>> b) is there a way to set up the GRUB password and decryption key the
>> same so that the GRUB password can be used by cryptomount so that I only
>> enter one password once?
>
> Unfortunately, no —user authentication and cryptomount are not passing
> any information. Could be idea for next release.
If it’s being implemented, why not just factorize creating one “prompt”
command that could not only pass it’s input to cryptomount as well as
GRUB unlock, but have:
(a) An option to center the prompt on the screen instead of just putting
it on top right, in way to make it more aesthetic, notably in graphical
mode.
(b) An option hardening or softenning security like making password
characters appear with rounds (or dots if unicode’s not available, like
Emacs does) like standard graphical prompts (or even cleartext for some
who don’t care, it’d cost nothing), or to have a circle (or just a
rectangle, circle is just fancy) blinking in some color as someone type
characters, in another when deleting a character and another when
verifying password, like i3lock does.
(c) And an option to have exponential wait after password verification, with
of course either a maximum that the user could set to the time the
computer use to reboot, or if possible no maximum but the time to wait
stocked at the same place GRUB is so that at next time GRUB can continue
where it were before, so that reboot doesn’t reset it.
An option to use a different algo to check the password would equally be
useful. Like being able to use scrypt, which sets not only calculation
limits but also memory, making it hard to achieve even to
supercomputers.
If some of these features are easily implementable it’d be great :D I’m
currently not enough skilled to do these, so let me know if you find any
of these easily implementable, and if some of you’s going to
Hoping new features in next releases ^^ Thanks for work on GRUB :)
pgpIWlXEvfN9g.pgp
Description: PGP signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: Password and key,
Garreau\, Alexandre <=