управлять токеном LUKS2 SSH (manage LUKS2 SSH token)
Имя (Name)
cryptsetup-ssh - manage LUKS2 SSH token
Синопсис (Synopsis)
cryptsetup-ssh <options> <action> <action args>
Описание (Description)
Experimental cryptsetup plugin for unlocking LUKS2 devices with
token connected to an SSH server.
This plugin currently allows only adding a token to an existing
key slot, see cryptsetup(8) for instruction on how to remove,
import or export the token.
Add operation
add <options> <device>
Adds the SSH token to <device>.
Specified SSH server must contain a key file on the
specified path with a passphrase for an existing key slot
on the device. Provided credentials will be used by
cryptsetup to get the password when opening the device
using the token.
--ssh-server, --ssh-user, --ssh-keypath and --ssh-path are
required for this operation.
--key-slot=NUM
Keyslot to assign the token to. If not specified, the
token will be assigned to the first key slot matching
provided passphrase.
--ssh-keypath=STRING
Path to the SSH key for connecting to the remote server.
--ssh-path=STRING
Path to the key file on the remote server.
--ssh-server=STRING
IP address/URL of the remote server for this token.
--ssh-user=STRING
Username used for the remote server.
Параметры (Options)
--debug
Show debug messages
--debug-json
Show debug messages including JSON metadata
-v, --verbose
Shows more detailed error messages
-?, --help
Show help
-V, --version
Print program version
Примечание (Note)
The information provided when adding the token (SSH server
address, user and paths) will be stored in the LUKS2 header in
plaintext.
Сообщение об ошибках (Reporting bugs)
Report bugs, including ones in the documentation, on the
cryptsetup mailing list at <dm-crypt@saout.de> or in the 'Issues'
section on LUKS website. Please attach the output of the failed
command with the --debug option added.
Смотри также (See also)
The project website at https://gitlab.com/cryptsetup/cryptsetup
