udisksctl unlock parameter for keyfiles
Sebastian Fischmeister
sfischme at uwaterloo.ca
Wed Sep 12 06:32:57 PDT 2012
Thanks for the discussion so far.
> However, the worrying part here is that in order to do this
> noninteractively, you need to store the cleartext passphrase at a
> place where the cron job can read it. What's the point of encrypting
> your disks when the password is on a (proverbial) sticker right next
> to it?
Multiple reasons can exist for this to be fine. For example, the
keyfile (not necessarily a passphrase) might be on a USB stick plugged
in and the cron job only succeeds when the person is present, the
keyfile itself might be on an encrypted disk and can't easily be
taken, or it simply doesn't matter that much because it's not the
system that needs protection but the external (removable) drive.
Anyways, it seems that udisksctl doesn't support this feature. Is it
difficult to mount an encrypted drive through dbus-send? It seems that
there is an awful lot of details in the parameters that need to be
just right.
Sebastian
More information about the devkit-devel
mailing list