New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add keyfile option to mount #241
Add keyfile option to mount #241
Conversation
Output has become much more verbose: mounting version 1.6: btree_subvolume_children opts=ro,errors=continue,degraded,nochanges,norecovery,read_only recovering from clean shutdown, journal seq 9 alloc_read... done stripes_read... done snapshots_read... done u64s 16 type inode_v3 0:4096:U32_MAX len 0 ver 0: mode=40755 flags= (16300000) journal_seq=1 bi_size=0 bi_sectors=0 bi_version=0bi_atime=90363614 bi_ctime=91363625 bi_mtime=91363625 bi_otime=90363614 bi_uid=0 bi_gid=0 bi_nlink=1 bi_generation=0 bi_dev=0 bi_data_checksum=0 bi_compression=0 bi_project=0 bi_background_compression=0 bi_data_replicas=0 bi_promote_target=0 bi_foreground_target=0 bi_background_target=0 bi_erasure_code=0 bi_fields_set=0 bi_dir=0 bi_dir_offset=0 bi_subvol=1 bi_parent_subvol=0 bi_nocow=0 u64s 17 type inode_v3 0:4097:U32_MAX len 0 ver 0: mode=40700 flags= (15300000) journal_seq=1 bi_size=0 bi_sectors=0 bi_version=0bi_atime=91363625 bi_ctime=91363625 bi_mtime=91363625 bi_otime=91363625 bi_uid=0 bi_gid=0 bi_nlink=0 bi_generation=0 bi_dev=0 bi_data_checksum=0 bi_compression=0 bi_project=0 bi_background_compression=0 bi_data_replicas=0 bi_promote_target=0 bi_foreground_target=0 bi_background_target=0 bi_erasure_code=0 bi_fields_set=0 bi_dir=4096 bi_dir_offset=453699834857023875 bi_subvol=0 bi_parent_subvol=0 bi_nocow=0 Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
05f7c83
to
7ee83af
Compare
@koverstreet Added signed-of-by |
I also think the code needs some nomenclature clean-up: key & password are used interchangeably and I think some cohesion would be benificial. My suggestion would be to use key for the on disk master key, and the fs encryption/decryption; and password for the unlocking of the master key. That would result in the flow: Password -> unlocks -> key -> decrypts -> filesystem. If you agree I'll add/redo some work to align with this idea. |
23cc39e
to
4155ae4
Compare
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
- Add key_file option to Cli - Rework decryption flow logic to first attempt key_file - Read password from file and pass to decrypt_master_key Explicity specify '-k' for key_location Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Also key_location to key_policy Improve help description key policy Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
Signed-off-by: Roland Vet <RlndVt@protonmail.com>
4155ae4
to
8a800c6
Compare
As discussed in #211; add a optional flag to specify a key file
Explicity specify '-k' for key_location
Tag @oz123