[CentOS] NBDE, clevis and tang for non-root disk
Radu Radutiu
rradutiu at gmail.comMon Nov 26 09:50:21 UTC 2018
- Previous message: [CentOS] digital signature equipment
- Next message: [CentOS] NBDE, clevis and tang for non-root disk
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi, Has anybody managed to get network disk bound disk encryption to work with a non-root disk? It works fine for the root device, but the moment I add another volume to /etc/crypttab the system will no longer boot automatically. A tcpdump on the tang server shows no traffic while the system is stuck at the LUKS password prompt. The second encrypted volume is set up in the same way as the root device and I can unlock the volume using clevis-luks-unlock -d /dev/vda3. I've seen in https://rhelblog.redhat.com/2018/04/13/an-easier-way-to-manage-disk-decryption-at-boot-with-red-hat-enterprise-linux-7-5-using-nbde/ that clevis-luks-askpass.path needs to be enabled but it doesn't make a difference. Any ideas on what 's wrong or how to debug this? Best regards, Radu
- Previous message: [CentOS] digital signature equipment
- Next message: [CentOS] NBDE, clevis and tang for non-root disk
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list