archinstall 4.2 now available: fixes botched disk encryption security
Posted by somerandomxander@reddit | linux | View on Reddit | 8 comments
6e1a08c8047143c6869@reddit
Not sure why someone would do that in the first place. I mean, If you locked down your root partition with dm-verity and don't store any sensitive data on it, it's not a big issue, but it's not like archinstall supported that setup in the first place... So not very surprising the issue has been known and unfixed since 2023.
ang-p@reddit
You mean like the keys for /home which you did encrypt? Didn't it? - just select the partitions you want encrypted....
That didn't seem like the tone of Torxed's response... Even if it did then languish for a few years
and if it was not "supported" then why was the issue fixed instead of the mix of encrypted/unencrypted partitions being rejected?
6e1a08c8047143c6869@reddit
You can use per-user encryption for that (for example with systemd-homed) without storing any sensitive data on root.
I was referring to the dm-verity stuff.
ang-p@reddit
This is not "can" - it is what archinstall did that matters....
It did encrypt the home partition (as requested)
It did not encrypt root (as requested)
But still stored the keys on the root partition which kind of defeats the encryption....
It does NOT mean - as some said that the home partition was effectively unencrypted.... trash the root partition without backing up the keys and then tell me that the home partition is totally unencryptable. Yeah - it was "security through poor obscurity" - but that partition was encrypted
How would that prevent someone from reading the plain-text keys from the unencrypted root partition? I suppose it would mean that you knew that you were reading the keys accurately.. so you could be certain of unlocking the encrypted partition... :-D
Synthetic451@reddit
Yeah definitely feels like a use case that's niche and unnecessary. Encryption is so cheap these days why wouldn't you encrypt root.
It would probably be better to just not even allow an unencrypted root if the user specified they wanted disk encryption.
ang-p@reddit
You mean take away the freedom of the arch user doing what the arch user wanted to do?
Doesn't that kind of go against the whole "let the user configure the system how they want it" sort of vibe?
Synthetic451@reddit
I would say that's a fair point, but in this situation, the installer would be intentionally misleading the user into thinking that it enabled encryption for them, when really it effectively did not.
An unencrypted root basically allows any user to break encryption on the other drives.
ang-p@reddit
The partition was totally encrypted - trash / without a backup key and tell me how to get the data back. No different from people who encrypted their homedirs and enabled autologin - if you could boot the machine, bam!
Which was likely why Torxed answered in the positive with an exclamation mark....
Eh? No it doesn't.....
The unencrypted root here is only a problem because archinstall puts the keys to the kingdom unencrypted on that unencrypted partition.
That is not a failing of encryption, but of archinstall.
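The failure discussed in this thread (a LUKS keyfile for /home kept in plain text on an unencrypted root) can be audited by cross-checking /etc/crypttab against the mount table. This is an added example, not archinstall's code; the crypttab entries and mount table are constructed, and treating only /dev/mapper/* sources as encrypted is a simplification of how a real check would identify dm-crypt filesystems.

```python
"""Flag crypttab keyfiles that live on a filesystem which is not itself encrypted.

Added illustrative check (not archinstall's code). Sample data is constructed.
"""
from __future__ import annotations

# Constructed crypttab: the home volume is unlocked with a keyfile stored under /etc,
# which sits on the (unencrypted) root filesystem.
CRYPTTAB = """\
# <name>  <device>                       <password>                        <options>
home      UUID=1111-aaaa-2222-bbbb       /etc/cryptsetup-keys.d/home.key   luks
swap      /dev/disk/by-partlabel/swap    /dev/urandom                      swap,cipher=aes-xts-plain64
"""

# Constructed mount table as (mount point, source device). Root is a plain partition.
MOUNTS = [
    ("/", "/dev/nvme0n1p2"),
    ("/boot", "/dev/nvme0n1p1"),
    ("/home", "/dev/mapper/home"),
]


def parse_crypttab(text: str) -> list[tuple[str, str, str]]:
    """Return (name, device, password) for each non-comment crypttab line."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        password = fields[2] if len(fields) > 2 else "none"
        entries.append((fields[0], fields[1], password))
    return entries


def mount_for(path: str, mounts: list[tuple[str, str]]) -> tuple[str, str]:
    """Longest-prefix match of a path against the mount table (root as fallback)."""
    for mp, src in sorted(mounts, key=lambda m: len(m[0]), reverse=True):
        if mp == "/" or path == mp or path.startswith(mp + "/"):
            return mp, src
    return "/", ""


def exposed_keyfiles(crypttab: str, mounts: list[tuple[str, str]]) -> list[tuple[str, str, str]]:
    """Return (volume, keyfile, mount point) for keyfiles not on a dm-crypt mapping."""
    findings = []
    for name, _device, password in parse_crypttab(crypttab):
        # Skip passphrase prompts ('none', '-') and device sources such as /dev/urandom.
        if not password.startswith("/") or password.startswith("/dev/"):
            continue
        mp, src = mount_for(password, mounts)
        if not src.startswith("/dev/mapper/"):  # simplification: mapper == encrypted
            findings.append((name, password, mp))
    return findings


if __name__ == "__main__":
    for volume, keyfile, mp in exposed_keyfiles(CRYPTTAB, MOUNTS):
        print(f"keyfile for '{volume}' ({keyfile}) is on unencrypted filesystem {mp}")
```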