Extension: pass-mount 0.1.0 released
William Morris
me at williammorris.com
Sat Mar 7 18:33:08 CET 2020
`cryptsetup` support for systems without udisks is planned, however
feedback is needed on the naming of the device-mapper entry and the
mount point. Currently evaluating `luks-$FS_UUID` for the device-mapper
entry and an option to set the mountpoint that defaults to `/mnt`.
Should sudo be called inside the script to mount system disks?
The issue with the newline on the end of the keyfile is that udisksctl
needs it without a newline, otherwise it ends up with a newline in your
password.
On 3/7/20 11:39 AM, Johannes Larsen wrote:
> 2020-03-06 21:18:52 -0500, William Morris <me at williammorris.com> wrote:
>> Initial `udisks` support has been added to
>> [pass-mount](https://github.com/HXR/pass-mount) version 0.1.0
>
> Interesting, I might consider using something like this. Today I am
> using pass directly in scripts for unlocking disks with:
>
> pass <entry> | cryptsetup open <dev> <entry> --key-file=-
>
> And it should be noted that the keyfiles from these approaches differs
> slightly. When using `pass show` the output will always end with a
> newline, whilst your script stripped that off.
>
> It was easy to change my keyfiles to your udisks format. First try did
> not work because of the lack of newline, but it worked flawlessly when I
> changed the script to use: printf '%s\n' as the keyfile instead.
>
> It is not important to me whether or not there is a newline at the end,
> I just thought it was useful to note that not having it make your
> approach incompatible with using `pass show` directly.
>
More information about the Password-Store
mailing list