[opensuse] log: Key file /dev/urandom is world-readable. This is not a good idea!
Howdy... While trying to trace a weird problem that has recently appeared in the LXDE panels (lxpanel), I looked in the system logs. I didn't find anything relevant to my problem in there but I did find something unrelated that looks a bit strange: May 06 17:20:27 msbhpmain systemd-cryptsetup[933]: Invalid passphrase. May 06 17:20:28 msbhpmain systemd-cryptsetup[993]: Key file /dev/urandom is world-readable. This is not a good idea! I mistyped one of my LUKS passwords as my ancient fingers are sometimes wont to do. No big deal. But the 2nd line above looks strange... Comments? Thanks. Ralph -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
I should have said: this is on a Leap 42.1 system with all updates
(and with an LXDE desktop)
On Sat, 7 May 2016 08:15:42 -0500
listreader
Howdy...
While trying to trace a weird problem that has recently appeared in the LXDE panels (lxpanel), I looked in the system logs. I didn't find anything relevant to my problem in there but I did find something unrelated that looks a bit strange:
May 06 17:20:27 msbhpmain systemd-cryptsetup[933]: Invalid passphrase. May 06 17:20:28 msbhpmain systemd-cryptsetup[993]: Key file /dev/urandom is world-readable. This is not a good idea!
I mistyped one of my LUKS passwords as my ancient fingers are sometimes wont to do. No big deal. But the 2nd line above looks strange...
Comments? Thanks.
Ralph
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Am Samstag, 7. Mai 2016, 08:15:42 schrieb listreader:
[...] May 06 17:20:28 msbhpmain systemd-cryptsetup[993]: Key file /dev/urandom is world-readable. This is not a good idea! [...] Comments? Thanks.
It looks like you have your swap encrypted and /dev/urandom is used as a key(sic!) file for encryption. This is totally okay here while in most of all other cases, it would be a pretty bad idea to let everyone read your key file. See also: https://lists.freedesktop.org/archives/systemd-devel/2015-February/027779.ht... Gruß Jan -- Remember the turtle, he never makes any progress until he sticks his neck out. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 07 May 2016 15:34:25 +0200
Jan Ritzerfeld
Am Samstag, 7. Mai 2016, 08:15:42 schrieb listreader:
[...] May 06 17:20:28 msbhpmain systemd-cryptsetup[993]: Key file /dev/urandom is world-readable. This is not a good idea! [...] Comments? Thanks.
It looks like you have your swap encrypted and /dev/urandom is used as a key(sic!) file for encryption. This is totally okay here while in most of all other cases, it would be a pretty bad idea to let everyone read your key file. See also: https://lists.freedesktop.org/archives/systemd-devel/2015-February/027779.ht...
Yes indeed, swap is encrypted. Thank you also for the link. Ralph -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (2)
-
Jan Ritzerfeld
-
listreader