[Bug 1903875] [NEW] cryptgnupg-sc initramfs script with plymouth locks up pinentry
Keeley Hoek
1903875 at bugs.launchpad.net
Wed Nov 11 15:29:51 UTC 2020
Public bug reported:
It's great that the `cryptgnupg-sc` keyscript exists and runs out-of-
the-box, and it (and its brethren) should be more widely known!
However, `cryptgnupg-sc` prompts using `pinentry-ncurses` which 1. hides
behind plymouth so it looks everything has hung, and 2. actually locks
up when you try to enter a password (try it) because (I believe)
plymouth captures [ENTER] so you can't actually select OK on the
pinentry dialog.
To fix this, I think all that needs to happen is the copy of `pinentry`
copied into the initramfs by the `cryptgnupg-sc` hook needs to be
replaced. Are the maintainers aware of this project:
https://github.com/werwurm/plymentry which essentially does this? (That
repository also houses some scripts which are irrelevant for our
purposes here.)
Is there scope to ship a tiny binary which replaces pinentry with
`cryptsetup-initramfs`? (GNUPG would be none-the-wiser.) This would make
the family of shipped keyscripts work really well just by setting up
`/etc/crypttab`, without any initramfs script hacking at all. At the
moment its tantalizingly close!
Kind regards,
Keeley
** Affects: cryptsetup (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
It's great that the `cryptgnupg-sc` keyscript exists and runs out-of-
the-box, and it (and its brethren) should be more widely known!
However, `cryptgnupg-sc` prompts using `pinentry-ncurses` which 1. hides
behind plymouth so it looks everything has hung, and 2. actually locks
up when you try to enter a password (try it) because (I believe)
plymouth captures [ENTER] so you can't actually select OK on the
pinentry dialog.
To fix this, I think all that needs to happen is the copy of `pinentry`
copied into the initramfs by the `cryptgnupg-sc` hook needs to be
replaced. Are the maintainers aware of this project:
https://github.com/werwurm/plymentry which essentially does this? (That
repository also houses some scripts which are irrelevant for our
purposes here.)
Is there scope to ship a tiny binary which replaces pinentry with
`cryptsetup-initramfs`? (GNUPG would be none-the-wiser.) This would make
the family of shipped keyscripts work really well just by setting up
- `/etc/crypttab`, without any initramfs script hacking at all.
+ `/etc/crypttab`, without any initramfs script hacking at all. At the
+ moment its tantalizingly close!
Kind regards,
Keeley
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1903875
Title:
cryptgnupg-sc initramfs script with plymouth locks up pinentry
Status in cryptsetup package in Ubuntu:
New
Bug description:
It's great that the `cryptgnupg-sc` keyscript exists and runs out-of-
the-box, and it (and its brethren) should be more widely known!
However, `cryptgnupg-sc` prompts using `pinentry-ncurses` which 1.
hides behind plymouth so it looks everything has hung, and 2. actually
locks up when you try to enter a password (try it) because (I believe)
plymouth captures [ENTER] so you can't actually select OK on the
pinentry dialog.
To fix this, I think all that needs to happen is the copy of
`pinentry` copied into the initramfs by the `cryptgnupg-sc` hook needs
to be replaced. Are the maintainers aware of this project:
https://github.com/werwurm/plymentry which essentially does this?
(That repository also houses some scripts which are irrelevant for our
purposes here.)
Is there scope to ship a tiny binary which replaces pinentry with
`cryptsetup-initramfs`? (GNUPG would be none-the-wiser.) This would
make the family of shipped keyscripts work really well just by setting
up `/etc/crypttab`, without any initramfs script hacking at all. At
the moment its tantalizingly close!
Kind regards,
Keeley
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1903875/+subscriptions
More information about the foundations-bugs
mailing list