ecryptfs team mailing list archive
-
ecryptfs team
-
Mailing list archive
-
Message #01644
[Bug 495339] Re: Passphrase not verified for encrypted homes
Dave,
Not sure I'll be able to clarify much for you. Now that the install is
complete, I have no plans to retry until it's necessary. Am reporting
the bug because I'm hoping to avoid potential issues in the future.
I don't think I did anything fancy. I just installed Karmic from the CD
installer. I found an option in one of the steps that allowed for
encrypted homes, so I enabled the option. I don't remember after that
point when I was prompted for the passphrase. It may have been during
the install itself, but more likely, as I'm gathering from other
sources, it was launched post-install by a notification window. The
prompts weren't from a full-fledged GUI like GTK, but I don't remember
if it was a shell script or some kind of ad-hoc widget.
When I was prompted for the passphrase, I wondered if it would ask me to
confirm. Since I wasn't sure, I was careful entering the passphrase,
but after hitting enter to accept the passphrase, I wasn't prompted to
verify. I expected a second prompt to verify the passphrase entry (like
passwords are verified).
I feel like I'm repeating myself, so if there's something specific
you're looking for, please let me know, and I'll see if I remember. If
you have a machine that you could set up to test this, then perhaps you
could actually reproduce this, as I don't think this is an intermittent
problem. Based on bug 359997, I would venture to say that the issue
should be reproducible on a test install image by running the ecryptfs-
unwrap-passphrase script.
--
Passphrase not verified for encrypted homes
https://bugs.launchpad.net/bugs/495339
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.
Status in “ecryptfs-utils” package in Ubuntu: New
Bug description:
Binary package hint: ecryptfs-utils
I recently installed Karmic Koala, and opted for an encrypted home. I was horrified at the interface for doing this, however. My biggest concern was that the passphrase I was expected to create was never asked to be confirmed. I thought this was routine practice by now.
The obvious concern is that something as small as a typo is enough to permanently cause data loss with this configuration. While this issue seems to have been raised in bug 359997, the bug is older than Karmic, and marked fixed. I asked whether the issue had been corrected, but didn't get a response.
Solution: new bug
References