From 2cfee67820612878a7c1a2c8d3fdf912cb8e1075 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 6 Feb 2018 11:41:59 -0400 Subject: comment --- .../comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 doc/forum/dm-crypt__47__LUKS_encryption_and_key_management/comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment diff --git a/doc/forum/dm-crypt__47__LUKS_encryption_and_key_management/comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment b/doc/forum/dm-crypt__47__LUKS_encryption_and_key_management/comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment new file mode 100644 index 00000000..0962459f --- /dev/null +++ b/doc/forum/dm-crypt__47__LUKS_encryption_and_key_management/comment_1_62fc297972ab5be50b9cb8cd3aa269c0._comment @@ -0,0 +1,17 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2018-02-06T15:37:45Z" + content=""" +Not aware of anyone using propellor for that yet. + +Propellor's LVM module would probably be a decent starting point for +implementing dm-crypt support. + +Key/passwords could certianly be managed with propellor's privdata +interface. Whether it makes sense to do so for security is probably up to +the individual user, since privdata can be decrypted with your gpg private +key, which you might not want to equate to access to your encrypted volume. +Also, privdata is stored on the host that uses it in unencrypted form +protected only by file permissions. +"""]] -- cgit v1.2.3