"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/man/cryptsetup-ssh.8" (13 Jan 2022, 2477 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:


Caution: As a special service "Fossies" has tried to format the requested manual source page into HTML format but links to other man pages may be missing or even erroneous. Alternatively you can here view or download the uninterpreted manual source code. A member file download can also be achieved by clicking within a package contents listing on the according byte size field.

CRYPTSETUP-SSH

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
NOTES
REPORTING BUGS
COPYRIGHT
SEE ALSO

NAME

cryptsetup-ssh − manage LUKS2 SSH token

SYNOPSIS

cryptsetup-ssh <options> <action> <action args>

DESCRIPTION

Experimental cryptsetup plugin for unlocking LUKS2 devices with token connected to an SSH server.

This plugin currently allows only adding a token to an existing key slot, see cryptsetup(8) for instruction on how to remove, import or export the token.

Add operation
add
<options> <device>

Adds the SSH token to <device>.

Specified SSH server must contain a key file on the specified path with a passphrase for an existing key slot on the device. Provided credentials will be used by cryptsetup to get the password when opening the device using the token.

−−ssh−server, −−ssh−user, −−ssh−keypath and -−ssh−path are required for this operation.

−−key−slot=NUM

Keyslot to assign the token to. If not specified, the token will be assigned to the first key slot matching provided passphrase.

−−ssh−keypath=STRING

Path to the SSH key for connecting to the remote server.

−−ssh−path=STRING

Path to the key file on the remote server.

−−ssh−server=STRING

IP address/URL of the remote server for this token.

−−ssh−user=STRING

Username used for the remote server.

OPTIONS

−−debug

Show debug messages

−−debug−json

Show debug messages including JSON metadata

−v, −−verbose

Shows more detailed error messages

−?, −−help

Show help

−V, −−version

Print program version

NOTES

The information provided when adding the token (SSH server address, user and paths) will be stored in the LUKS2 header in plaintext.

REPORTING BUGS

Report bugs, including ones in the documentation, on the cryptsetup mailing list at <dm-crypt@saout.de> or in the ’Issues’ section on LUKS website. Please attach the output of the failed command with the −−debug option added.

COPYRIGHT

Copyright © 2016-2021 Red Hat, Inc.
Copyright © 2016-2021 Milan Broz
Copyright © 2021 Vojtech Trefny

This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

SEE ALSO

The project website at https://gitlab.com/cryptsetup/cryptsetup