Путеводитель по Руководству Linux

  User  |  Syst  |  Libr  |  Device  |  Files  |  Other  |  Admin  |  Head  |



   cryptsetup-ssh    ( 8 )

управлять токеном LUKS2 SSH (manage LUKS2 SSH token)

Имя (Name)

cryptsetup-ssh - manage LUKS2 SSH token

Синопсис (Synopsis)

cryptsetup-ssh <options> <action> <action args>

Описание (Description)

Experimental cryptsetup plugin for unlocking LUKS2 devices with
       token connected to an SSH server.

This plugin currently allows only adding a token to an existing key slot, see cryptsetup(8) for instruction on how to remove, import or export the token.

Add operation add <options> <device>

Adds the SSH token to <device>.

Specified SSH server must contain a key file on the specified path with a passphrase for an existing key slot on the device. Provided credentials will be used by cryptsetup to get the password when opening the device using the token.

--ssh-server, --ssh-user, --ssh-keypath and --ssh-path are required for this operation.

--key-slot=NUM Keyslot to assign the token to. If not specified, the token will be assigned to the first key slot matching provided passphrase.

--ssh-keypath=STRING Path to the SSH key for connecting to the remote server.

--ssh-path=STRING Path to the key file on the remote server.

--ssh-server=STRING IP address/URL of the remote server for this token.

--ssh-user=STRING Username used for the remote server.


Параметры (Options)

--debug
              Show debug messages

--debug-json Show debug messages including JSON metadata

-v, --verbose Shows more detailed error messages

-?, --help Show help

-V, --version Print program version


Примечание (Note)

The information provided when adding the token (SSH server
       address, user and paths) will be stored in the LUKS2 header in
       plaintext.

Сообщение об ошибках (Reporting bugs)

Report bugs, including ones in the documentation, on the
       cryptsetup mailing list at <dm-crypt@saout.de> or in the 'Issues'
       section on LUKS website.  Please attach the output of the failed
       command with the --debug option added.

Смотри также (See also)

The project website at https://gitlab.com/cryptsetup/cryptsetup