Root filesystem encryption update

Bruno Wolff III bruno at wolff.to
Tue Jun 19 05:59:15 UTC 2007


On Mon, Jun 18, 2007 at 21:57:51 -0400,
  Tony Nelson <tonynelson at georgeanelson.com> wrote:
> >On Mon, Jun 18, 2007 at 16:51:55 -0400,
> >  Jeremy Katz <katzj at redhat.com> wrote:
> >
> >40 probably isn't too many to make trying them all impractical. I expect
> >that it will take less than a second to try each one even with measures
> >to slow down password guessing. That's not nice for suspend resume, but
> >wouldn't be a deal breaker for initial boots.
>  ...
> 
> Couldn't it just start with the one that worked last time?

You could also have the person select a keymap when they enter a password,
similar to how you select one when running anaconda. There are probably
some other solutions as well. Another option would be to save the keys
they hit instead of the characters. That poses some problems if a keyboard
is swapped out for a different kind, but if you limited yourself to the
more standard areas of the keyboard when entering the passphrase, that
wouldn't be guaranteed to fail.




More information about the fedora-devel-list mailing list