solace: disable Yubikey for LUKS

Sponsored-by: author
author: Lars Wirzenius <liw@liw.fi> 2023-03-29 17:27:41 +0300
committer: Lars Wirzenius <liw@liw.fi> 2023-03-29 18:01:40 +0300
commit: 3160cbd733d7dd84f2be11239b237332bc71d8c5 (patch)
tree: 4b3eee87d9e6c3d0bb83722d2e50a119c7f47bbb /ansible/solace.yml
parent: 934e1282f05f63d102cb512e13c67a21f29b9543 (diff)
download: ansibleness-3160cbd733d7dd84f2be11239b237332bc71d8c5.tar.gz
1 files changed, 30 insertions, 30 deletions
diff --git a/ansible/solace.yml b/ansible/solace.yml
index d202d49..dccd2b4 100644
--- a/ansible/solace.yml
+++ b/ansible/solace.yml
@@ -225,39 +225,39 @@
     #     owner: liw
     #     group: liw
 
-    - name: "install necessary packages to use a Yubikey with LUKS"
-      apt:
-        name:
-          - yubikey-luks
-          - usbutils
+    # - name: "install necessary packages to use a Yubikey with LUKS"
+    #   apt:
+    #     name:
+    #       - yubikey-luks
+    #       - usbutils
 
-    - name: "configure crypttab to use yubikey-luks key script"
-      crypttab:
-        name: pv0
-        opts: keyscript=/usr/share/yubikey-luks/ykluks-keyscript
-        state: opts_present
+    # - name: "configure crypttab to use yubikey-luks key script"
+    #   crypttab:
+    #     name: pv0
+    #     opts: keyscript=/usr/share/yubikey-luks/ykluks-keyscript
+    #     state: opts_present
 
-    - name: "update initramfs"
-      shell: |
-        update-initramfs -u
+    # - name: "update initramfs"
+    #   shell: |
+    #     update-initramfs -u
 
-    - apt:
-        name:
-          - libpam-yubico
-    # disabled until I don't need Y4 anymore.
-    # - lineinfile:
-    #     path: /etc/pam.d/common-auth
-    #     regex: pam_yubico.so
-    #     line: "auth required pam_yubico.so mode=challenge-response chalresp_path=/etc/yubikey_chalresp"
-    - file:
-        state: directory
-        path: /etc/yubikey_chalresp
-        mode: 0700
-    - copy:
-        content: |
-          {{ lookup('pipe', 'pass libpam-yubico/liw/y6.chalresp') }}
-        dest: "/etc/yubikey_chalresp/liw-{{ lookup('pipe', 'pass libpam-yubico/liw/y6.serial') }}"
-        mode: 0600
+    # - apt:
+    #     name:
+    #       - libpam-yubico
+    # # disabled until I don't need Y4 anymore.
+    # # - lineinfile:
+    # #     path: /etc/pam.d/common-auth
+    # #     regex: pam_yubico.so
+    # #     line: "auth required pam_yubico.so mode=challenge-response chalresp_path=/etc/yubikey_chalresp"
+    # - file:
+    #     state: directory
+    #     path: /etc/yubikey_chalresp
+    #     mode: 0700
+    # - copy:
+    #     content: |
+    #       {{ lookup('pipe', 'pass libpam-yubico/liw/y6.chalresp') }}
+    #     dest: "/etc/yubikey_chalresp/liw-{{ lookup('pipe', 'pass libpam-yubico/liw/y6.serial') }}"
+    #     mode: 0600
 
 
   vars:
author	Lars Wirzenius <liw@liw.fi>	2023-03-29 17:27:41 +0300
committer	Lars Wirzenius <liw@liw.fi>	2023-03-29 18:01:40 +0300
commit	3160cbd733d7dd84f2be11239b237332bc71d8c5 (patch)
tree	4b3eee87d9e6c3d0bb83722d2e50a119c7f47bbb /ansible/solace.yml
parent	934e1282f05f63d102cb512e13c67a21f29b9543 (diff)
download	ansibleness-3160cbd733d7dd84f2be11239b237332bc71d8c5.tar.gz