dracut: set --keyname
for systemd-ask-password
#15913
Labels
Type: Feature
Feature request or new feature
--keyname
for systemd-ask-password
#15913
Describe the feature you would like to see added to OpenZFS
Please set a
--keyname
forsystemd-ask-password
. The name should probably contain "zfs" and maybe the encryption root in some suitable format (not sure which characters are allowed and whether slashes must be rewritten to something else).How will this feature improve OpenZFS?
With the relatively new
pam_systemd_loadkey
, the same passphrase can be used for zfs encryption and the desktop session keyring (Gnome Keyring/KWallet) and must be provided only once on boot.Additional context
My laptop is used only by myself. For a complete boot I currently need three passwords, all adding a different kind of protection:
With the addition of
--keyname
and the use ofpam_systemd_loadkey
, only two passwords are required, without giving up much security. Especially since the first two passwords (BIOS/UEFI and ZFS encryption) are queried early in the boot procedure, I can prepare other stuff while my system services take their time to start up and then without any further interaction also the user autostart applications can load.The text was updated successfully, but these errors were encountered: