On Tue, Sep 11, 2012 at 03:17:47PM -0400, Sebastian Fischmeister wrote:
> Cryptsetup requires root access and I don't want that for my backup
> mechanism. Also I don't want to call sudo in a cron job. The encrypted
> drive should be mountable by a regular user (e.g., automounting an
> encrypted usb
Hi,
On Tue, Sep 11, 2012 at 3:17 PM, Sebastian Fischmeister
wrote:
> Cryptsetup requires root access and I don't want that for my backup
> mechanism. Also I don't want to call sudo in a cron job. The encrypted
> drive should be mountable by a regular user (e.g., automounting an
> encrypted usb st
Hi,
On Wed, Sep 12, 2012 at 10:09 AM, Martin Pitt wrote:
>> Is it difficult to mount an encrypted drive through dbus-send? It
>> seems that there is an awful lot of details in the parameters that
>> need to be just right.
>
> In that case it seems easier to use libudisks, possibly from
> introspe
Hello Sebastian,
Sebastian Fischmeister [2012-09-12 9:32 -0400]:
> Anyways, it seems that udisksctl doesn't support this feature.
Right, it always reads passphrases from the terminal.
> Is it difficult to mount an encrypted drive through dbus-send? It
> seems that there is an awful lot of detai
Thanks for the discussion so far.
> However, the worrying part here is that in order to do this
> noninteractively, you need to store the cleartext passphrase at a
> place where the cron job can read it. What's the point of encrypting
> your disks when the password is on a (proverbial) sticker rig
Hello Sebastian,
Sebastian Fischmeister [2012-09-11 15:17 -0400]:
> Cryptsetup requires root access and I don't want that for my backup
> mechanism. Also I don't want to call sudo in a cron job.
Sounds like you should give the backup user the
org.freedesktop.udisks2.encrypted-unlock privilege for
Cryptsetup requires root access and I don't want that for my backup
mechanism. Also I don't want to call sudo in a cron job. The encrypted
drive should be mountable by a regular user (e.g., automounting an
encrypted usb stick every 10 min and copy something onto it; I don't
want to keep the stick m
Hi,
On Tue, Sep 11, 2012 at 12:05 PM, Sebastian Fischmeister
wrote:
> This means one cannot script mounting an encrypted drive with
> udiskctl. Is there a way around it?
Is there any reason you're not just using cryptsetup(8) for this?
With the way it's supposed to work, udisksctl isn't really
Hi,
Is there a way to pass the keyfile to the udiskctl unlock command?
It doesn't seems so, because handle_command_unlock_lock() always asks
for a passphrase in udisksctl.c:1248
This means one cannot script mounting an encrypted drive with
udiskctl. Is there a way around it?
Thanks,
Sebastian
