On Di, 12.10.21 16:17, lejeczek (peljasz@xxxxxxxxxxx) wrote: > > > I have 'clevis' set to get luks pin from 'tang' but unlock does not happen > > > at/during boot time and I wonder if someone can share thoughts on how to > > > investigate that? > > > I cannot see anything obvious fail during boot, moreover, manual > > > 'clevis-luks-unlock' works no problems. > > This is the systemd mailing list, not the clevis/tang mailing > > list. Please contact the clevis/tang community instead. > > May ask of any possible plans where systemd would, somehow similarly to > 'tpm', utilize 'tang'(or similar) technique to unlock luks encrypted > devices? You mean that networked unlock feature? I mean, it's not always clear what belongs and systemd and what does not. But outside of data centers I am not sure tang/clevis really has much use, and that's quite a limited userbase, so I'd say: no this should be done outside of systemd. Maybe a plugin for libcryptsetup's "token" feature. Lennart -- Lennart Poettering, Berlin
Re: troubleshooting Clevis
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: troubleshooting Clevis
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Tue, 12 Oct 2021 17:54:15 +0200
- Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <2321a587-1ffc-f99c-e5b9-4b46fe4202ca@yahoo.co.uk>
- References: <b1b9b4bc-5a54-c7cd-adf3-9b34b7a79526.ref@yahoo.co.uk> <b1b9b4bc-5a54-c7cd-adf3-9b34b7a79526@yahoo.co.uk> <YVL9jfmgvtpRFBKN@gardel-login> <2321a587-1ffc-f99c-e5b9-4b46fe4202ca@yahoo.co.uk>
- Follow-Ups:
- Re: troubleshooting Clevis
- From: lejeczek
- Re: troubleshooting Clevis
- References:
- troubleshooting Clevis
- From: lejeczek
- Re: troubleshooting Clevis
- From: Lennart Poettering
- Re: troubleshooting Clevis
- From: lejeczek
- troubleshooting Clevis
- Prev by Date: Re: troubleshooting Clevis
- Next by Date: Re: troubleshooting Clevis
- Previous by thread: Re: troubleshooting Clevis
- Next by thread: Re: troubleshooting Clevis
- Index(es):
 |