My notes on making encrypted filesystems 'Just Work(tm)'

W. Michael Petullo mike at
Wed Dec 15 07:34:30 PST 2004

>>> Once the passphrase have been obtained in the desktop session, then
>>>  'sesame-setup --device=/dev/sda1 --passphrase=mysecret22'
>>> should be run by root.

>> No it should not. NEVER pass a passphrase in an argument.

> The "why" of this, for those who don't know already, is because non-
> privileged users on most machines can view the arguments passed to
> executing processes.  Just take a look at ps or top output, for example.

Placing the passphrase in an environment variable is not a safe means
either.  Reading a passphrase from stdin is probably best.  Another
solution I have seen is providing an environment variable that names a
file to read the passphrase from.

> (NOTE:  1. hald shall only allow console user to do this
>         2. requires new features in hald to callout a program specified
>            in e.g. the /etc/hal/methods.d/Crypto/Sesame/Setup file)

How does this /etc/hal/methods.d interface work?  I can't find any
documentation about it.  I've found a few mentions of a methods.d
directory but no documentation about how it is wired to hald.


hal mailing list
hal at

More information about the Hal mailing list