Opened 5 years ago

Closed 4 years ago

#200 closed Feature Request (fixed)

Encrypted partitions have no ability to use passwords

Reported by: yerenkow Owned by:
Priority: major Milestone:
Component: Installer Version:
Keywords: geli password Cc: trac-bugs@…, silver.salonen@…

Description

Probably not for 8.0, maybe for 8.1.
Geli can be used not only with key-files, but with passphrases too.
Good idea to have this ability, for example not during system start, but manually.
Creating such partition: generate keyfile, enter super-user passphrase (to recover), enter user passphrase.

Mounting and working with such partition: during start or manually - enter passphrase, mount to specified directory.

Change History (3)

comment:1 Changed 5 years ago by atrox

  • Cc silver.salonen@… added

Further more, I think that without this, standard users don't actually have any use of encryption with unprotected keys - when HDD is lost or stolen, one just mounts root partition under live-fs and gets the keys for encrypted partitions from /boot.

Couldn't there just be an additional option in installer for protecting keys with passphrase?

comment:2 Changed 5 years ago by kris

This is already on the feature list for 8.1 :)

http://wiki.pcbsd.org/index.php/PC-BSD_8.1_TODO

comment:3 Changed 4 years ago by kris

  • Resolution set to fixed
  • Status changed from new to closed

This has been added for 8.1, closed.

Note: See TracTickets for help on using tickets.