Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

initramfs support for PKCS#11 #473

Open
sarroutbi opened this issue Sep 23, 2024 · 1 comment
Open

initramfs support for PKCS#11 #473

sarroutbi opened this issue Sep 23, 2024 · 1 comment
Labels
enhancement

Comments

@sarroutbi
Copy link
Collaborator

Clevis PKCS#11 pin has been implemented and merged. However, no initramfs support was included. Just dracut support was merged.

This needs to be fixed by including new initramfs hooks or by extending the current existing one
@joriskt
Copy link

joriskt commented Dec 14, 2024

Massive +1 to this.

In my setup, I use clevis on my Debian-based Proxmox machines for full disk encryption, and my three nodes can decrypt each other with a shared key via tang. However, I would like a second factor there by means of PKCS#11 so I can just plug in a key into one node. As such I'd love to see this!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sarroutbi @joriskt