Date: Tue, 30 Aug 2011 14:04:24 -0500 From: Joseph Kerian <jkerian@gmail.com> To: grarpamp <grarpamp@gmail.com>, freebsd-geom@freebsd.org Subject: Re: GELI passphrase and/or key via command line or environment Message-ID: <CALM2SrHZaz3CxWROCP_PeT==Vzbs7MrEnxNGH-yf0uhunu0wkA@mail.gmail.com> In-Reply-To: <CAD2Ti2-k6GtfdXBCxmk7-Bp400uwgRd-XCBKidfXxnztiuWcwQ@mail.gmail.com> References: <CAD2Ti2-k6GtfdXBCxmk7-Bp400uwgRd-XCBKidfXxnztiuWcwQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 30, 2011 at 12:46 AM, grarpamp <grarpamp@gmail.com> wrote: > For both init and attach (and even elsewhere where > applicable), I'd like to be able to specify the passphrase > and key material via the command line and/or the environment. > Yes, we have -J/j and -K/k, but they only permit the use of files > or standard in. And of course standard in is not an arbitrary > file descriptor and as such is only usable once. So it cannot > be used with both jay and kay. I use both jay and kay, and want > to do so programmatically without blocking on keyboard input. > In the current implementation, I cannot achieve this. > > I'm well aware of all security implications of command line > and environment usage. > > Please offer your consideration of this feature request :) > Thanks. > I realize this isn't quite the same thing, but if you're using bash, you can achieve something like that with command file-redirection. geli <cmd> -j <(echo "My j-file-contents") -k <(echo "My k-file-contents) If you want to see how this works, try variants on it cat <(echo "foo") echo <(echo "foo") ls -la <(echo "foo") -- -- Joe Kerian Email: jkerian@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CALM2SrHZaz3CxWROCP_PeT==Vzbs7MrEnxNGH-yf0uhunu0wkA>