Displaying 4 results from an estimated 4 matches for "nbde".
Did you mean:
nbd
2019 Oct 17
0
Using Clevis/Tang (NBDE) to automatically decrypt volumes from within libguestfs
This is about Network-Bound Disk Encryption (NBDE) not to be confused
of course with NBD! NBDE is where you use disk encryption in your
virtual machines. But instead of having to type a passphrase when the
guest boots, there is a network server which gives out tokens, so as
long as the guest is booted from the trusted network it is able to
boot...
2018 Nov 26
0
NBDE, clevis and tang for non-root disk
...ssword prompt.
The second encrypted volume is set up in the same way as the root device
and I can unlock the volume using clevis-luks-unlock -d /dev/vda3.
I've seen in
https://rhelblog.redhat.com/2018/04/13/an-easier-way-to-manage-disk-decryption-at-boot-with-red-hat-enterprise-linux-7-5-using-nbde/
that clevis-luks-askpass.path needs to be enabled but it doesn't make a
difference.
Any ideas on what 's wrong or how to debug this?
Best regards,
Radu
2018 Nov 27
0
NBDE, clevis and tang for non-root disk
On Tue, Nov 27, 2018 at 3:14 PM mark <m.roth at 5-cent.us> wrote:
> What we do is to have the encryption key of the secondary filesystem in
> /etc/crypttab, which is, of course, 600. As it boots, it decrypts from
> that as
> it mounts the rest of the system.
>
> mark
>
Thanks, this is working as expected and it gave me the hint needed to find
the actual
2018 Nov 27
1
NBDE, clevis and tang for non-root disk
Radu Radutiu wrote:
> On Tue, Nov 27, 2018 at 3:14 PM mark <m.roth at 5-cent.us> wrote:
>
>> What we do is to have the encryption key of the secondary filesystem in
>> /etc/crypttab, which is, of course, 600. As it boots, it decrypts from
>> that as it mounts the rest of the system.
>>
> Thanks, this is working as expected and it gave me the hint needed to