Hi there,
David.
Just want some help with setting credentials for systemd-cryptsetup@.service services.
I have a crypttab file with the following:
(I set a label for this volume with a udev rule as I have to use a label)
os_crypt LABEL=os_luks none try-empty-password=1,luks,
pkcs11-uri=auto,discardI read in the systemd-cryptsetup documentation that I should be able to pass credential "cryptsetup.pkcs11-pin"
I couldn't figure out from the documentation how to do this.
I assume I create a drop-in for systemd-cryptsetup@os_crypt.service
and add the credential there:
LoadCredential=cryptsetup.pkcs11-pin:/path/to/unix/socket
Would that work? If not, how would I go about passing a pkcs11 pin to cryptsetup.
I know I can manually do it like this:
PIN=4321 systemd-cryptsetup attach os-crypt /dev/sdb - pkcs11-uri=auto but I want to use the generator with crypttab.
Thanks,
David.
