Control: severity -1 minor Control: tag -1 pending On Wed, 07 Aug 2019 at 09:16:33 -0400, Ian Kelling wrote: > "You can unlock your rootfs on bootup remotely, using SSH to log in to > the booting system while it's running with the initramfs mounted. > Consult cryptsetup's /usr/share/doc/cryptsetup/README.Debian section 8 > for details."
On src:cryptsetup <2:2.0.3-1 the file is shipped by the ‘cryptsetup’ binary package as /usr/share/doc/cryptsetup/README.Debian.gz. On src:cryptsetup ≥2:2.0.3-1 and <2:2.1.0-6 the file is shipped by the ‘cryptsetup-run’ binary package as /usr/share/doc/cryptsetup-run/README.Debian.gz. On src:cryptsetup ≥2:2.1.0-6 the file is shipped by the ‘cryptsetup’ binary package as /usr/share/doc/cryptsetup/README.Debian.gz. See also #904916 and #929922. > And, the instructions in the older > /usr/share/doc/cryptsetup/README.Debian no longer work, they said: > # echo -n "my_secret_passphrase" > /lib/cryptsetup/passfifo It doesn't? That command has always been racy because the SSHd is launched before the passfifo is created. (See …/README.Debian.gz sec. 8 for a proper solution.) But it should not be *more* racy with Buster than with Stretch or any earlier release. -- Guilhem.
signature.asc
Description: PGP signature