Bug#477203: [Pkg-cryptsetup-devel] Bug#477203: cryptsetup: LUKS passphrase sometimes in cleartext
On 21/04/2008 Daniel Blaschke wrote: I have an encrypted /home partition and usplash is installed. Whenever I'm not quick enough entering the LUKS passphrase, usplash times out and in order to continue the boot process I need to switch to tty 8 where I can enter the passphrase. And here's the security problem: As I type, the passphrase appears as cleartext on the screen... Hello Daniel, Could you try whether cryptsetup 1.0.6-2 fixes the bug? The way how the initramfs prompts for the passphrase has been changes in 1.0.6-2, an external binary called askpass has been introduces by David Härdeman and is used now for passphrase retrieval. We hope that askpass fixes the issue you described here. greetings, jonas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#477203: [Pkg-cryptsetup-devel] Bug#477203: cryptsetup: LUKS passphrase sometimes in cleartext
Jonas Meurer wrote: Hello Daniel, Could you try whether cryptsetup 1.0.6-2 fixes the bug? The way how the initramfs prompts for the passphrase has been changes in 1.0.6-2, an external binary called askpass has been introduces by David Härdeman and is used now for passphrase retrieval. We hope that askpass fixes the issue you described here. greetings, jonas Hi Jonas, unfortunately I still experience the same problem: after the usplash timeout, the passphrase I enter is in cleartext. However, I discovered something: when I then enter a wrong passphrase the first time, I get prompted a second time and then the passphrase is not in cleartext anymore... I hope that helps. Cheers, Daniel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#477203: cryptsetup: LUKS passphrase sometimes in cleartext
Package: cryptsetup Version: 2:1.0.6-1 Severity: grave Tags: security Justification: user security hole I have an encrypted /home partition and usplash is installed. Whenever I'm not quick enough entering the LUKS passphrase, usplash times out and in order to continue the boot process I need to switch to tty 8 where I can enter the passphrase. And here's the security problem: As I type, the passphrase appears as cleartext on the screen... cheers, Daniel -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing'), (200, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages cryptsetup depends on: ii dmsetup 2:1.02.24-4 The Linux Kernel Device Mapper use ii libc62.7-10 GNU C Library: Shared libraries ii libdevmapper1.02.1 2:1.02.24-4 The Linux Kernel Device Mapper use ii libpopt0 1.10-3 lib for parsing cmdline parameters ii libuuid1 1.40.8-2universally unique id library cryptsetup recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]