diff options
Diffstat (limited to 'vmdb/plugins/luks.mdwn')
-rw-r--r-- | vmdb/plugins/luks.mdwn | 33 |
1 files changed, 0 insertions, 33 deletions
diff --git a/vmdb/plugins/luks.mdwn b/vmdb/plugins/luks.mdwn deleted file mode 100644 index 663d7b7..0000000 --- a/vmdb/plugins/luks.mdwn +++ /dev/null @@ -1,33 +0,0 @@ -Step: luks ------------------------------------------------------------------------------ - -Set up disk encryption using LUKS with the `cryptsetup` utility. The -encryption passphrase is read from a file or from the output of a -command. The encrypted disk gets opened and can be mounted using a -separate tag for the cleartext view. - -Step keys: - -* `cryptsetup` — REQUIRED; value is the tag for the encrypted - block device. This is not directly useable by users, or mountable. - -* `tag` — REQUIRED; the tag for the de-crypted block device. - This is what gets mounted and visible to users. - -* `key-file` — OPTIONAL; file from where passphrase is read. - -* `key-cmd` — OPTIONAL; command to run, passphrase is the first - line of its standard output. - -Example (in the .vmdb file): - - - cryptsetup: root - tag: root_crypt - key-file: disk.pass - -Same, except run a command to get passphrase (in this case -[pass](https://www.passwordstore.org/)): - - - cryptsetup: root - tag: root_crypt - key-cmd: pass show disk-encryption |