From: Klemens Nanni <kn@openbsd.org>
Subject: Re: [patch] Autoinstall with disk encryption
To: tech@openbsd.org
Date: Thu,  8 Feb 2024 14:23:00 +0000

2/8/24 14:29, Stuart Henderson пишет:
> On 2024/02/08 11:07, Klemens Nanni wrote:
>> +		[pP]*)
>> +			while :; do
>> +				ask_password 'Passphrase for the root disk?'
>> +				[[ -n "$_password" ]] && break
>> +				echo 'The passphrase must be set.'
>> +			done
>> +			PASSFILE=/tmp/i/passfile
>> +			(umask 077 && print -r -- "$_password" >$PASSFILE)
> 
> This is fairly distasteful, OpenBSD usually goes out of its way to
> even wipe sensitive things like this even from memory in a single
> process after use.

Yes, that's a drawback from using ask_*() -- keeping interactive
installs to bioctl(8)'s interactive prompt avoids this.

> If doing this, it might be better to only have this question for the
> autoinstall case (like how ask_root_sshd is done) and use the standard
> bioctl method for manual install.

That's exactly the approach in my first diff, which afresh1 OK'ed.

>>  	bioctl -Cforce -cC -l${_chunk}a $_args softraid0 >/dev/null
>> +	rm -f $PASSFILE
> 
> rm -fP perhaps?

Sure, can do.

> But, do enough people really want autoinstall with FDE from a password
> fetched from a webserver to be worth doing this? It doesn't seem very
> sensible to me.

It is rare, but if people control the install network/environment and
want to do that...