From owner-freebsd-geom@FreeBSD.ORG Thu Sep 9 14:17:50 2004 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8F6D716A4CE for ; Thu, 9 Sep 2004 14:17:50 +0000 (GMT) Received: from frontend1.messagingengine.com (frontend1.messagingengine.com [66.111.4.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5CA7643D3F for ; Thu, 9 Sep 2004 14:17:50 +0000 (GMT) (envelope-from list-freebsd-2004@morbius.sent.com) X-Sasl-enc: 5rVdPXPkCgiSW3FUnHOAJg 1094739462 Received: from modem-1992.lemur.dialup.pol.co.uk (modem-1992.lemur.dialup.pol.co.uk [217.135.135.200]) by frontend1.messagingengine.com (Postfix) with ESMTP id 7F195C1557C for ; Thu, 9 Sep 2004 10:17:42 -0400 (EDT) From: "R. W." To: freebsd-geom@freebsd.org Date: Thu, 9 Sep 2004 15:17:39 +0100 User-Agent: KMail/1.6.2 References: <200409050234.13571.list-freebsd-2004@morbius.sent.com> <20040907080941.GH34157@afields.ca> <20040907082311.GI34157@afields.ca> In-Reply-To: <20040907082311.GI34157@afields.ca> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200409091517.39846.list-freebsd-2004@morbius.sent.com> Subject: Re: Attaching two gbde partitions with the same password X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Sep 2004 14:17:50 -0000 On Tuesday 07 September 2004 09:23, Allan Fields wrote: > Add lines below to the examples (in case $pass hangs around.) > > On Tue, Sep 07, 2004 at 04:09:41AM -0400, Allan Fields wrote: > > The only issue with reading in passwords from a shell script is to > > not echo to the tty. There are ways around this problem such as: > > > > In bash you can use: > > read -esp "Enter passphrase: " pass > > gbde attach $dev -l $lck -p $pass > > gbde attach $dev2 -l $lck2 -p $pass > pass=`head -c1024 /dev/urandom`; unset pass > > > otherwise: > > tmp=`stty -g`; stty -echo > > read -p "Enter passphrase: " pass > > echo; stty $tmp > > gbde attach $dev -l $lck -p $pass > > gbde attach $dev2 -l $lck2 -p $pass > pass=`head -c1024 /dev/urandom`; unset pass > > > You could put this into your rc.early or something similarly early > > in the boot sequence if it suits your needs. (For security reasons > > passing the passphrase on the command line should be done before > > going multiuser.) Thanks for your help. If I'm the only user, and I have no remote access enabled, do I gain much by attaching before going multiuser? > pass=`head -c1024 /dev/urandom`; unset pass I don't think this line works as intended. I had a quick look at the bash source, and it looks as if it allocates memory for the new string, and frees the old one.