[systemd-devel] homed, LUKS2 passphrase encoding, and recovery key

Alexander E. Patrakov patrakov at gmail.com
Fri Jan 24 03:56:30 UTC 2020


On Fri, Jan 24, 2020 at 2:11 AM Chris Murphy <lists at colorremedies.com> wrote:
>
> Thanks for the answer, it's very useful. When I asked the question, I
> didn't fully appreciate the cryptographic and anti-forensic
> capabilities in LUKS that almost certainly should not be
> re-implemented elsewhere.
>
> I'd like to better understand what it would take to support UTF-8
> passphrases for LUKS (luksFormat, luksOpen). Consistently and
> reliably, in a portable user home context. Of course the keyboard
> could change. Locale could, thus default local language of the host
> system could be different.

I think there is a very important thing missing in your email:
analysis what works and what doesn't work in the context of non-Linux
operating systems.

> That's the short version. Everything below this line is a super
> verbose explanation how I'm arriving at the above.
>
> I assume users want their login passphrase to use local characters.

That's just an assumption, with no data presented to back it up.

-- 
Alexander E. Patrakov


More information about the systemd-devel mailing list