# Fripost's debconf configuration
#
# Copyright 2013 Guilhem Moulin <guilhem@fripost.org>
#
# Licensed under the GNU GPL version 3 or higher.

Template: fripost-install/full-disk-encryption
Type: boolean
Default: true
Description: Should the system disk be fully encrypted? (Excluding /boot.)

Template: fripost-install/full-disk-encryption-password
Type: password
Default:
Description: Password for full-disk encryption.

Template: fripost-install/full-disk-encryption-fill
Type: select
Default: zero
Choices: none, zero, urandom, random
Description: Which kind of data fill the disk with before encryption.

Template: fripost-install/full-disk-encryption-fill_progress_title
Type: text
Description: Filling ${DISK} with ${SIZE} ${WHAT}

Template: fripost-install/full-disk-encryption-fill_progress_info
Type: text
Description: ${COMMAND}

Template: fripost-install/full-disk-encryption-slurpkey_title
Type: note
Description: Waiting for passphrase

Template: fripost-install/full-disk-encryption-slurpkey_text
Type: text
Description: Press 'continue' once you have sent the key
 You now need to send the encryption key for LUKS/dm-crypt to
 this special-purpose SSH server:
 .
     ssh -T -p 22 -l root ${IPv4} < /path/to/key
 .
 To defeat MiTM-attacks, please ensure that the server fingerprint matches
 .
     ${SSHFPR_SERVER}
 .
 Key(s) that are granted access have the following fingerprint:
 .
     ${SSHFPR_AUTHORIZED}
 .
 Note: This server is ephemeral, and will be replaced with a full-blown
 one toward the end of the installation.