Download | Devuan.org | Git | Bugs | Packages

The officially official Devuan Forum!

You are not logged in.

Pages: 1

#1 Hardware & System Configuration » pamu2fcfg not working on chimaera as user (nonroot), but ... » 2023-09-13 11:28:21

deutschem
Replies: 0

Hello,

... on Daedalus or Debian or Ubuntu it works with nonroot user.

(Want to use fido stick for 2fa with sudo)

therefore there are maybe wrong permissions (file/folder) in chimaera for oamu2fcg-system ? Where ?

thank yoou

#2 Re: Hardware & System Configuration » Luks decrypt home on boot with key and fallback password » 2023-08-15 14:04:48

deutschem

yes, seems that is also my way to use keyfile on stick and if the key is lost/damaged i fix it with the password slot and a live CD, not fancy. I feel I do not trust the keyscript-thing

fsmithred wrote:

This page might have the answer. It looks like you have to use a keyscript. https://stackoverflow.com/questions/197 … o-keyboard

I've never done that. I use a keyfile, and if the keyfile is doesn't work, I have a keyslot with a passphrase that I can use to fix it (make a new keyfile) after booting a live-CD or live-USB.

.

#3 Re: Hardware & System Configuration » Luks decrypt home on boot with key and fallback password » 2023-08-15 14:01:36

deutschem

yes, sorry I wrote it unclear, i want the fallback on boot (Boot->Stick is plugged->encrypt with keyfile (this works)), now if stick is not plugged in i want boot-> ask for password (in my case in slot 0)
If i do not plug in the stick, then the boot process runs fine to the end but of course without /home mounted....

rolfie wrote:

Ok, then you have your fallback option already. I am not 100% sure how that works in your case, I am used to use full disk encryption.

What happens in your case when the key stick isn't plugged in? Do you end up in the initramfs?

#4 Re: Hardware & System Configuration » Luks decrypt home on boot with key and fallback password » 2023-08-14 12:30:09

deutschem

in my LUKS volume i have 2 slots, one (slot 0) with a password and the second (with lukdAddKey) with the keyfile.

#5 Hardware & System Configuration » Luks decrypt home on boot with key and fallback password » 2023-08-14 06:06:25

deutschem
Replies: 7

Hi,

i 've configure successfully configured that my home partition was unlocked with a plugged in usb stick.
but i dont know how to configure the fallback (if stick is not pugged in use password).

the most hints are for systemd for ex:
https://forums.debian.net/viewtopic.php?t=152061

I use SysVinit

unplugged usb:
Sun Aug 13 21:44:58 2023: Starting remaining crypto disks...crypt_home (starting)...Invalid key path
Sun Aug 13 21:44:58 2023: Cannot seek to requested keyfile offset.
Sun Aug 13 21:44:58 2023: Invalid key path
Sun Aug 13 21:44:58 2023: Cannot seek to requested keyfile offset.
Sun Aug 13 21:44:58 2023: Invalid key path
Sun Aug 13 21:44:58 2023: Cannot seek to requested keyfile offset.
Sun Aug 13 21:44:58 2023: crypt_home (failed)...^[[31mfailed.^[[39;49m
Sun Aug 13 21:44:58 2023: done.

thank you

regards

Pages: 1

Board footer

Forum Software