From owner-freebsd-geom@FreeBSD.ORG Fri Sep 9 22:24:33 2011
From: grarpamp <grarpamp@gmail.com>
To: freebsd-geom@freebsd.org
Date: Fri, 9 Sep 2011 18:24:32 -0400
Subject: Re: GELI passphrase and/or key via command line or environment
In-Reply-To: <4E69DD4C.2000502@freebsd.org>
References: <4E69DD4C.2000502@freebsd.org>
List-Id: GEOM-specific discussions and implementations
Content-Type: text/plain; charset=UTF-8

>> For both init and attach (and even elsewhere where
>> applicable), I'd like to be able to specify the passphrase
>> and key material via the command line and/or the environment.
>> Yes, we have -J/j and -K/k, but they only permit the use of files
>> or standard in. And of course standard in is not an arbitrary
>> file descriptor and as such is only usable once. So it cannot
>> be used with both jay and kay. I use both jay and kay, and want
>> to do so programmatically without blocking on keyboard input.
>> In the current implementation, I cannot achieve this.

> I think since the -j/-J flags to geli(8) have been introduced, you may play
> some tricks with the shell to redirect input (on stable/8 and later systems).

If you're referring to Joseph's suggestion (or expect, etc.), they would
not apply because they are shell hacks, specific to, and only present in,
certain shells (or external apps). The solution needs to be in geli, not
the shell.

> For stable/7 systems the attached patch should do what you're looking for.

-J/j are not present in RELENG_7.
-K/k are present in RELENG_7.
I track RELENG_8 and HEAD (trunk), which have both.

> patch... the ability to read the passphrase from stdin (new -t cli flag)

In RELENG_8, this is already the case. I can't do this because stdin
here would be overloaded:

    geli init -J - -K -

(Also, the patch says 'password' in places; shouldn't that be replaced
with 'passphrase' to be consistent?)

The two factors, know and have, as they exist today:

                prompt  stdin  file  cli  env
    know,pph,j    x       +     x     o    o
    have,key,k    o       +     x     o    o

Where x and + are available, o is not. And where + is one or the other,
not both. I'd like this to become:

                prompt  stdin  file  cli  env
    know,pph,j    x       +     x     x    x
    have,key,k    x       +     x     x    x

The cli '-', shell '< or |', and a program prompt could all be
considered stdin. Though I've seen program prompts that only accept
keyboard input. 'cli' means you enter it as/on one big command line.
'file' and 'env' should be self explanatory.

In the absence of the program rewriting its 'ps' output, using the
environment would be the more 'secure' option to start with.
I'm not sure if a program can rewrite everything, or just its own name.
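An added example, not from this thread and not geli's own code, of the descriptor-based feeding the reply above dismisses as a shell hack: it hands the "know" factor (passphrase) to the tool on standard input and the "have" factor (key material) on a separate file descriptor, so neither secret is typed interactively and neither appears in argv. `mock_geli` is a stand-in that only models how geli(8) treats `-J`/`-j` and `-K`/`-k` arguments and `-` for stdin; it prints what it received instead of doing any crypto. `GELI_PASSPHRASE` is a variable name chosen for this example; geli(8) does not read it, the shell forwards its value. The key bytes and passphrase in the usage line are constructed sample data.

```shell
#!/bin/sh
# Added example (not from the thread, not geli(8) code).
# mock_geli models one thing about geli: -J/-j <file> reads a passphrase,
# -K/-k <file> reads key material, and "-" means standard input.
mock_geli() {
    pass_src=; key_src=
    while [ $# -gt 0 ]; do
        case "$1" in
            -J|-j) pass_src=$2; shift 2 ;;
            -K|-k) key_src=$2; shift 2 ;;
            *) shift ;;
        esac
    done
    # Passphrase is one line (like a prompt would read it); key is raw bytes.
    if [ "$pass_src" = - ]; then read -r pass; else read -r pass < "$pass_src"; fi
    if [ "$key_src" = - ]; then key=$(cat); else key=$(cat "$key_src"); fi
    printf 'pass=%s key=%s\n' "$pass" "$key"
}

# Feed the "know" factor from the environment (GELI_PASSPHRASE is a name
# chosen for this example; the shell, not geli, reads it) on stdin, and the
# "have" factor from a file on descriptor 3. The only things visible in the
# child's argv are "-" and "/dev/fd/3", never the secrets themselves.
two_factor_attach() {
    keyfile=$1
    printf '%s\n' "$GELI_PASSPHRASE" | mock_geli -j - -k /dev/fd/3 3< "$keyfile"
}

# Usage with constructed sample data:
#   printf 'constructed-key-bytes' > /tmp/key.bin
#   GELI_PASSPHRASE='correct horse' two_factor_attach /tmp/key.bin
```

Two caveats a practitioner should check before relying on this. On FreeBSD, `/dev/fd/N` for N > 2 only exists when fdescfs(5) is mounted (`mount -t fdescfs fdescfs /dev/fd`); descriptors 0 to 2 are always present. And keeping the passphrase out of argv only hides it from `ps` as seen by other users: the environment of a process is still readable by the same uid and by root with `ps -e` or `procstat -e`, so "env" is an improvement over "cli", not a secret channel.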