On 04/19/2014 02:49 PM, Nikolaus Rath wrote: > Hello, > > I have several LUKS encrypted volumes that use the same > passphrase. Before switching to systemd, I have used the decrypt_keyctl > keyscript to cache the passphrase, so that I have to enter it only once. > > As far as I can tell, the systemd cryptsetup generator is ignoring the > keyscript option in /etc/crypttab when creating units. > > Is there another way to achieve passphrase caching with systemd? > > > Thanks, > -Nikolaus >
No, 'keyscript' is not (currently) supported. IMHO, you're not reducing your security any by e.g. unlocking /root and storing keys for the other volumes there. If you did this, you might want to use a separate keyslot for the task with a longer key that you don't/can't remember, just for kicks. However, you could probably cook up some units that take your password, write it to /run and then point all of your volumes their. And of course, the third option would be to submit a patch. The src/cryptsetup stuff is pretty straightforward. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
