Hello Lennart. Thank you so much for clarifying. This is right now pretty much more clear to me.
On Fri, Jun 7, 2024 at 9:32 AM Lennart Poettering <lennart@xxxxxxxxxxxxxx> wrote:
On Do, 06.06.24 19:42, Sergio Arroutbi (sarroutb@xxxxxxxxxx) wrote:
> > > I miss an option where systemd-cryptsetup is executed headless, but
> > > continues running, without exiting.
> > >
> > > I have tried with keyfile=/dev/urandom and option=keyfile-size=600000,
> > but
> > > it is too quick. I also tried try-empty-password, but this is tried only
> > > once.
> > >
> > > I am running out of ideas.
> >
> > Hmm, I am not sure I follow? So do you or do you not want cryptsetup
> > ask for passwrds via the ask-password agent stuff?
> >
>
> We are developing a PKCS11 plugin for Clevis (
> https://github.com/latchset/clevis). Clevis allows automatic boot encrypted
> disks unlocking by storing some information into LUKS metadata.
systemd-cryptsetup supports TPM2 and PKCS#11 natively, you know that?
Why isn't that enough for your usecase? What are you missing?
- References:
- Hiding systemd-cryptsetup password prompt
- From: Sergio Arroutbi
- Re: Hiding systemd-cryptsetup password prompt
- From: Lennart Poettering
- Re: Hiding systemd-cryptsetup password prompt
- From: Sergio Arroutbi
- Re: Hiding systemd-cryptsetup password prompt
- From: Luca Boccassi
- Re: Hiding systemd-cryptsetup password prompt
- From: Sergio Arroutbi
- Re: Hiding systemd-cryptsetup password prompt
- From: Lennart Poettering
- Re: Hiding systemd-cryptsetup password prompt
- From: Sergio Arroutbi
- Re: Hiding systemd-cryptsetup password prompt
- From: Lennart Poettering
- Hiding systemd-cryptsetup password prompt
- Prev by Date: sysext merge of /usr/local
- Next by Date: [no subject]
- Previous by thread: Re: Hiding systemd-cryptsetup password prompt
- Next by thread: Re: Hiding systemd-cryptsetup password prompt
- Index(es):
 |