When you boot up the encrypted volume thing asks for "LUKS Password:" Now this lacks a little in description. How about some kind of an indicator of which volume we are talking about in case in the future we are dealing with more than one. More important how about something like "LUKS disk volume password:" So that less skilled people can know what you are asking about. Also how about adding 9 alpha 1 to the list of versions so that this can be tracked better.
Also apparently when you type in the pass phrase, you only have one shot at it. Now having go after go at it may be a security issue, but only one chance will get users to start throwing their computers through a window. ;-)
Imho an initscripts bug, therefore I change the component. If you consider this to be a bug in cryptsetup, please use cryptsetup-luks as the component.
initscripts is not involved with this prompt.
Hm, changing the prompt to be "LUKS disk volume password:" in cryptsetup sounds wrong to me, because it may not be a disk volume, because cryptsetup can be used to encrypt any file/block device (e.g. cds, usb sticks, floppies). A change to "LUSK password to open %s as %s:" with the device and the name for the mapping provided would not hurt, imho. Nevertheless, it is possible to pipe the passwort to cryptsetup and get it first from the user with an arbitrary prompt, which would allow to provide even more information about the volume, e.g. it could be explained that it is the root partition when the root partition is mounted.
How about just LUSK encrption key password: Instead of just LUSK Password. At least that gives people who are not conversent with what LUKS is a clue as to what they are dealing with and which password is being asked for.
I did just check and found a difference in the process. It has fixed the comment #1. This is a BIG help. If you enter the password wrong now, it asks again. At least if you guess wrong in what password we are talking about you get a second chance without having to totally restart the boot process.
Created attachment 302488 [details] Patch to add device to the prompt Here's a patch that adds the device name. I'm not sure the mapper device is particularly relevant, but I could be wrong. The reason I'd rather do this in cryptsetup for now is that trying to do all the prompting and piping from shell would be a real pain.
Added in 1.0.6-2.
*** Bug 437261 has been marked as a duplicate of this bug. ***