Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 437499 - silently rejects certain encryption passphrases
silently rejects certain encryption passphrases
Product: Fedora
Classification: Fedora
Component: anaconda (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: David Lehman
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2008-03-14 12:22 EDT by Bill Nottingham
Modified: 2014-03-16 23:12 EDT (History)
1 user (show)

See Also:
Fixed In Version: anaconda-
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-03-18 12:11:38 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Bill Nottingham 2008-03-14 12:22:01 EDT
Description of problem:

Hit the spacebar eight times for your encryption passphrase. anaconda doesn't
throw an error, but appears to have rejected it.

Version-Release number of selected component (if applicable):

Comment 1 Bill Nottingham 2008-03-14 13:20:02 EDT
It appears to be treating it as blank - any leading or trailing spaces on
passphrases are removed as well.
Comment 2 David Lehman 2008-03-14 13:32:42 EDT
I'm so used to stripping leading/trailing whitespace from input that I did it
for the passphrases as well. You think we should preserve it, I take it?
Comment 3 Bill Nottingham 2008-03-14 13:34:42 EDT
Not sure. Do we do it for passwords?

If nothing else, you may want to move the character count until after the strip.
Comment 4 David Lehman 2008-03-14 14:36:46 EDT
To my surprise we do not do any stripping of whitespace from the root password.
The more I think about it, the more I think we should not do any unrequested
modification of the passphrase. It's exactly the sort of thing that pisses me
off as a user.

While I'm at it, any thoughts on enforcing a limited character set like we do
for the password? (string.digits + string.ascii_letters + string.punctuation + "
") It  doesn't seem necessary to me, but I know nothing of such things.
Comment 5 Bill Nottingham 2008-03-14 14:44:18 EDT
Well, it would obviate some of the keymap issues if we did. Don't know it's 100%
*necessary*, though.
Comment 6 David Lehman 2008-03-18 12:11:38 EDT
Should be fixed in anaconda-

Note You need to log in before you can comment on or make changes to this bug.