From owner-freebsd-geom@FreeBSD.ORG Tue Aug 30 06:16:01 2011 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BB1A2106566B for ; Tue, 30 Aug 2011 06:16:01 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-pz0-f45.google.com (mail-pz0-f45.google.com [209.85.210.45]) by mx1.freebsd.org (Postfix) with ESMTP id 9A5378FC12 for ; Tue, 30 Aug 2011 06:16:01 +0000 (UTC) Received: by pzk33 with SMTP id 33so21282995pzk.18 for ; Mon, 29 Aug 2011 23:16:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=ier7R3XZdF5I9M+JGzPHl5WPKNJfwol87mwGA3LBrqk=; b=PM7TWryxILNetSPzQP27QnbEn+x8dpD5Myf3qh+RBvniknpw+MgsmbaUZJavG5ehG5 yOjb3pn6f0Y/sL478x/3QX9DMyJJ0WOQofULmsh3UCuwIRs2bs3r8Mq73VoAYQ2A4tNZ hNhpZtke6B3wmJ9GzfaAOti9znLHcMhr1rqz4= MIME-Version: 1.0 Received: by 10.142.149.35 with SMTP id w35mr2808421wfd.387.1314683191842; Mon, 29 Aug 2011 22:46:31 -0700 (PDT) Received: by 10.142.185.11 with HTTP; Mon, 29 Aug 2011 22:46:31 -0700 (PDT) Date: Tue, 30 Aug 2011 01:46:31 -0400 Message-ID: From: grarpamp To: freebsd-geom@freebsd.org Content-Type: text/plain; charset=UTF-8 Subject: GELI passphrase and/or key via command line or environment X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Aug 2011 06:16:01 -0000 For both init and attach (and even elsewhere where applicable), I'd like to be able to specify the passphrase and key material via the command line and/or the environment. Yes, we have -J/j and -K/k, but they only permit the use of files or standard in. And of course standard in is not an arbitrary file descriptor and as such is only usable once. So it cannot be used with both jay and kay. I use both jay and kay, and want to do so programmatically without blocking on keyboard input. In the current implementation, I cannot achieve this. I'm well aware of all security implications of command line and environment usage. Please offer your consideration of this feature request :) Thanks.