NBDE, clevis and tang for non-root disk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi,

Has anybody managed to get network disk bound disk encryption to work with
a non-root disk? It works fine for the root device, but the moment I add
another volume to /etc/crypttab the system will no longer boot
automatically. A tcpdump on the tang server shows no traffic while the
system is stuck at the LUKS password prompt.
The second encrypted volume is set up in the same way as the root device
and  I can unlock the volume using clevis-luks-unlock -d /dev/vda3.
I've seen in
https://rhelblog.redhat.com/2018/04/13/an-easier-way-to-manage-disk-decryption-at-boot-with-red-hat-enterprise-linux-7-5-using-nbde/
that clevis-luks-askpass.path needs to be enabled but it doesn't make a
difference.
Any ideas on what 's wrong or how to debug this?

Best regards,
Radu
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux