Comment 47 for bug 313812

Revision history for this message
In , Denis (denis-redhat-bugs) wrote :

Hi Eric,

Thanks a lot for the explanation. I played with keyctl and now see what is going on.
However, this automatic caching leads to a false sense of security. Whatever strength I use for the crypted FS key (30+ characters), the overall security is only as strong as my (8 to 10 character) password. And I don't get any warning of this fact.

Is there a way to disable this automatic caching?
Until I understand more completely the whole process, it seems I must do an alias on the umount command to be immediately followed by "keyctl clear @u" command.

Thank you very much for the time you spent on this.