[Bug 1723694] [NEW] When mounted from file storage and using /dev/urandom for key, passphrase is still asked at boot time when more than 1 entry in /etc/crypttab

Konstantin Boyandin 1723694 at bugs.launchpad.net
Sun Oct 15 02:46:20 UTC 2017 

Public bug reported:

OS: Ubuntu 16.04.3 64bit, all latest updates applied.

Setup:

# dd if=/dev/urandom of=/var/cswap bs=1M count=128
128+0 records in
128+0 records out
134217728 bytes (134 MB, 128 MiB) copied, 9.85457 s, 13.6 MB/s
# dd if=/dev/urandom of=/var/ctmp bs=1M count=128
128+0 records in
128+0 records out
134217728 bytes (134 MB, 128 MiB) copied, 9.43066 s, 14.2 MB/s
# chmod 600 /var/cswap /var/ctmp

Setup 1:

/etc/crypttab:
cswap /var/cswap /dev/urandom swap,cipher=aes-xts-plain64

/etc/fstab:
/dev/mapper/cswap none swap sw,nofail 0 0

System boots normally, cswap is initialzed and encrypted swap is
mounted.

Setup 2:
/etc/crypttab:
cswap /var/cswap /dev/urandom swap,cipher=aes-xts-plain64
ctmp /var/ctmp /dev/urandom tmp

/etc/fstab:
/dev/mapper/cswap none swap sw,nofail 0 0
/dev/mapper/ctmp /tmp            ext4    defaults,noatime,nodiratime,nosuid,nofail        0       2

When booting, the below is asked at init screen (on console):
"Please enter passphrase for disk cswap on none!"
(will not proceed with boot sequence until answered)

After Enter is pressed, system boots up, both cswap and ctmp are
initialized and mounted.

** Affects: cryptsetup (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: ubuntu

** Tags added: ubuntu

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1723694

Title:
  When mounted from file storage and using /dev/urandom for key,
  passphrase is still asked at boot time when more than 1 entry in
  /etc/crypttab

Status in cryptsetup package in Ubuntu:
  New

Bug description:
  OS: Ubuntu 16.04.3 64bit, all latest updates applied.

  Setup:

  # dd if=/dev/urandom of=/var/cswap bs=1M count=128
  128+0 records in
  128+0 records out
  134217728 bytes (134 MB, 128 MiB) copied, 9.85457 s, 13.6 MB/s
  # dd if=/dev/urandom of=/var/ctmp bs=1M count=128
  128+0 records in
  128+0 records out
  134217728 bytes (134 MB, 128 MiB) copied, 9.43066 s, 14.2 MB/s
  # chmod 600 /var/cswap /var/ctmp

  Setup 1:

  /etc/crypttab:
  cswap /var/cswap /dev/urandom swap,cipher=aes-xts-plain64

  /etc/fstab:
  /dev/mapper/cswap none swap sw,nofail 0 0

  System boots normally, cswap is initialzed and encrypted swap is
  mounted.

  Setup 2:
  /etc/crypttab:
  cswap /var/cswap /dev/urandom swap,cipher=aes-xts-plain64
  ctmp /var/ctmp /dev/urandom tmp

  /etc/fstab:
  /dev/mapper/cswap none swap sw,nofail 0 0
  /dev/mapper/ctmp /tmp            ext4    defaults,noatime,nodiratime,nosuid,nofail        0       2

  When booting, the below is asked at init screen (on console):
  "Please enter passphrase for disk cswap on none!"
  (will not proceed with boot sequence until answered)

  After Enter is pressed, system boots up, both cswap and ctmp are
  initialized and mounted.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1723694/+subscriptions

More information about the foundations-bugs mailing list