Is there a way to modify keyboard repeat rate for full disk encryption password?
Turning on the computer in the morning right after waken up gets pretty difficult sometimes due to brain dead connection to heavy fingers. I think slowing down the repeat rate would help avoid some of wrong password being typed out.
Fiddling around in Qubes system tools or working with kbdrate command have not gained anything fruitful.
Interesting question. I am not aware of a way to do this. Is the problem that your finger sometimes lingers on a key too long, resulting in that character being repeated multiple times instead of just once?
Yes, that is precisely the it. Sometimes my fingers aren’t nimble enough to lift a key stroke on time, which results in one or two repeated characters being slipped off unnoticed.
This is not a huge deal for the most part but I know there are paranoid users with crazy long password who occasionally suffer the same issue as I do either in the morning before coffee or late at night after some alcohol or who knows what. Or is that just me…?
As long as it’s not compromising the security, I would love to get some help on this.
I don’t know if there’s an addition step I need to take to have the service included in initramfs but just looking at the ArchWiki link, here is what I did:
I changed repeat value as 2 for the testing purpose.
sudo systemctl enable kbdrate
reboot
See that it didn’t work, systemctl disable kdbrate, edit, enable and reboot from basic.target, cryptsetup-pre.target, cryptsetup.target, getty.target, graphical.target, sysinit.target just to see what happens but none of them worked so far.
Having not done it myself, I can’t exactly walk you through it. But I
can point you in a few directions.
Have a look at the file /usr/lib/dracut/modules.d/90crypt/module-setup.sh. This is the file
dracut runs to put cryptsetup binaries and config in the initramfs. Line
87 for example, includes the crypttab. You may be able to add kbdrate
file here. I believe cryptroot-ask.sh is responsible for actually
requesting the password. Adding the kbdrate command to the top of this
file should have it execute before requesting the password.
Finally, run dracut -f --regenerate-all to have your changes included.
Note that these will be overwritten by any updates, though considering
we are on Fedora 25, I can’t see this happening any time soon.
In dom0: sudo nano /usr/lib/dracut/modules.d/90crypt/module-setup.sh
Above the line 60, inst_hook cmdline 30 “$moddir/parse-crypt.sh”
Insert: inst /usr/bin/kbdrate
Save
In dom0: sudo nano /usr/lib/dracut/modules.d/90crypt/crypt-lib.sh
Above the line 32, # ask_for_password
Insert: kbdrate -s -r xx -d xxx
Save
Create an initramfs to the latest image: sudo dracut -fv /boot/initramfs-x.xx.xxx-x.pvops.qubes.x86_64.img x.xx.xxx-x.pvops.qubes.x86_64
Reboot
Replace x with right number, of course, and the line numbers might not be 100% accurate but they are close enough to find the right line.
Please give me a feedback especially if there’s any improvement that I can make or if there’s better solution but for now this is a pretty good solution that I can live with!