You are not logged in.
If you install Arch (2009.8) and do not encrypt root (/), but rather only a specific mountpoint such as /home, the passphrase is stored in cleartext in /etc/crypttab. The problem is, an attacker could simply mount root and grab the passphrase. If root is also encrypted then this is not a problem, but if root is not encrypted then it's certainly is.
So, currently the installer puts the passphrase directly into crypttab, even if root itself is not encrypted. Should the installer set this to "ASK" by default when root itself is also not encrypted?
I couldn't seem to find a bug report on this, but thought it's worth discussing first. If this describes your situation, perhaps you should change it yourself.
-c
Offline