On Tue, Oct 10, 2017 at 11:13:45PM +1100, tomr wrote: > Well... there's nothing in the FAQ about using a keydisk at all, and > there's no hints in bioctl(8) about using both a keydisk and a password > together.
That's because using both isn't a supported use case yet. In the current design and implementation, there's either a passphrase or a keydisk, but never both. > The last comment on this thread describes what I'd like to do, which is > to somehow have a keydisk *and* a passphrase: > https://undeadly.org/cgi?action=article&sid=20131112031806 Please understand that I don't have any interest in supporting such hacks. If you use them and they work for you, that's fine of course. I'd rather see a patch that makes this feature a proper part of the design and implementation. I don't need this feature. But if you write a patch to implement it properly, I will review your patch.
