From owner-freebsd-geom@FreeBSD.ORG Tue Aug 30 19:30:08 2011 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CE9C6106564A for ; Tue, 30 Aug 2011 19:30:06 +0000 (UTC) (envelope-from jkerian@gmail.com) Received: from mail-gx0-f182.google.com (mail-gx0-f182.google.com [209.85.161.182]) by mx1.freebsd.org (Postfix) with ESMTP id 810478FC14 for ; Tue, 30 Aug 2011 19:30:06 +0000 (UTC) Received: by gxk28 with SMTP id 28so7158706gxk.13 for ; Tue, 30 Aug 2011 12:30:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=ryo2ZtDtDA03IeJm/fZwUz8WRIQpK8vud9PkNR2OxHQ=; b=sBU8icZEJr8MQi07SUcwcbvzQZI78NuHqqJh6Ul6IBDsn85dWRooiHfEy+zWIR+g3C NCdNeaY3At3ri5PEHEs49lyoKsEHOJ2LcndJaotTe43a8kX1qHtFdJyrWvSdX7+pZ7vb +uh8phE70t7T+VeGbsPmuaSH+9Mxx6vhrYAdU= MIME-Version: 1.0 Received: by 10.43.45.197 with SMTP id ul5mr6418148icb.468.1314731064388; Tue, 30 Aug 2011 12:04:24 -0700 (PDT) Received: by 10.231.32.134 with HTTP; Tue, 30 Aug 2011 12:04:24 -0700 (PDT) In-Reply-To: References: Date: Tue, 30 Aug 2011 14:04:24 -0500 Message-ID: From: Joseph Kerian To: grarpamp , freebsd-geom@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: GELI passphrase and/or key via command line or environment X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Aug 2011 19:30:08 -0000 On Tue, Aug 30, 2011 at 12:46 AM, grarpamp wrote: > For both init and attach (and even elsewhere where > applicable), I'd like to be able to specify the passphrase > and key material via the command line and/or the environment. > Yes, we have -J/j and -K/k, but they only permit the use of files > or standard in. And of course standard in is not an arbitrary > file descriptor and as such is only usable once. So it cannot > be used with both jay and kay. I use both jay and kay, and want > to do so programmatically without blocking on keyboard input. > In the current implementation, I cannot achieve this. > > I'm well aware of all security implications of command line > and environment usage. > > Please offer your consideration of this feature request :) > Thanks. > I realize this isn't quite the same thing, but if you're using bash, you can achieve something like that with command file-redirection. geli -j <(echo "My j-file-contents") -k <(echo "My k-file-contents) If you want to see how this works, try variants on it cat <(echo "foo") echo <(echo "foo") ls -la <(echo "foo") -- -- Joe Kerian Email: jkerian@gmail.com