]>
Commit | Line | Data |
---|---|---|
45ae1a05 LP |
1 | <?xml version="1.0"?> |
2 | <!--*-nxml-*--> | |
3a54a157 ZJS |
3 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" |
4 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> | |
45ae1a05 | 5 | <!-- |
db9ecf05 | 6 | SPDX-License-Identifier: LGPL-2.1-or-later |
572eb058 | 7 | |
45ae1a05 LP |
8 | This is based on crypttab(5) from Fedora's initscripts package, which in |
9 | turn is based on Debian's version. | |
10 | ||
11 | The Red Hat version has been written by Miloslav Trmac <mitr@redhat.com>. | |
45ae1a05 | 12 | --> |
c2d54475 | 13 | <refentry id="crypttab" conditional='HAVE_LIBCRYPTSETUP' xmlns:xi="http://www.w3.org/2001/XInclude"> |
45ae1a05 | 14 | |
798d3a52 ZJS |
15 | <refentryinfo> |
16 | <title>crypttab</title> | |
17 | <productname>systemd</productname> | |
798d3a52 ZJS |
18 | </refentryinfo> |
19 | ||
20 | <refmeta> | |
21 | <refentrytitle>crypttab</refentrytitle> | |
22 | <manvolnum>5</manvolnum> | |
23 | </refmeta> | |
24 | ||
25 | <refnamediv> | |
26 | <refname>crypttab</refname> | |
27 | <refpurpose>Configuration for encrypted block devices</refpurpose> | |
28 | </refnamediv> | |
29 | ||
30 | <refsynopsisdiv> | |
31 | <para><filename>/etc/crypttab</filename></para> | |
32 | </refsynopsisdiv> | |
33 | ||
34 | <refsect1> | |
35 | <title>Description</title> | |
36 | ||
37 | <para>The <filename>/etc/crypttab</filename> file describes | |
38 | encrypted block devices that are set up during system boot.</para> | |
39 | ||
40 | <para>Empty lines and lines starting with the <literal>#</literal> | |
41 | character are ignored. Each of the remaining lines describes one | |
ed3657d5 | 42 | encrypted block device. Fields are delimited by white space.</para> |
b2a1a5c7 | 43 | |
6e41f4dd | 44 | <para>Each line is in the form<programlisting><replaceable>volume-name</replaceable> <replaceable>encrypted-device</replaceable> <replaceable>key-file</replaceable> <replaceable>options</replaceable></programlisting> |
b2a1a5c7 | 45 | The first two fields are mandatory, the remaining two are |
798d3a52 ZJS |
46 | optional.</para> |
47 | ||
cf1e172d LP |
48 | <para>Setting up encrypted block devices using this file supports four encryption modes: LUKS, TrueCrypt, |
49 | BitLocker and plain. See <citerefentry | |
50 | project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> for | |
51 | more information about each mode. When no mode is specified in the options field and the block device | |
52 | contains a LUKS signature, it is opened as a LUKS device; otherwise, it is assumed to be in raw dm-crypt | |
53 | (plain mode) format.</para> | |
798d3a52 | 54 | |
96e9a9a4 LP |
55 | <para>The four fields of <filename>/etc/crypttab</filename> are defined as follows:</para> |
56 | ||
57 | <orderedlist> | |
58 | ||
59 | <listitem><para>The first field contains the name of the resulting volume with decrypted data; its | |
60 | block device is set up below <filename>/dev/mapper/</filename>.</para></listitem> | |
61 | ||
62 | <listitem><para>The second field contains a path to the underlying block | |
63 | device or file, or a specification of a block device via | |
64 | <literal>UUID=</literal> followed by the UUID.</para></listitem> | |
65 | ||
66 | <listitem><para>The third field specifies an absolute path to a file with the encryption | |
cf1e172d LP |
67 | key. Optionally, the path may be followed by <literal>:</literal> and an |
68 | <filename>/etc/fstab</filename> style device specification (e.g. starting with | |
69 | <literal>LABEL=</literal> or similar); in which case the path is taken relative to the specified | |
70 | device's file system root. If the field is not present or is <literal>none</literal> or | |
96e9a9a4 LP |
71 | <literal>-</literal>, a key file named after the volume to unlock (i.e. the first column of the line), |
72 | suffixed with <filename>.key</filename> is automatically loaded from the | |
73 | <filename>/etc/cryptsetup-keys.d/</filename> and <filename>/run/cryptsetup-keys.d/</filename> | |
74 | directories, if present. Otherwise, the password has to be manually entered during system boot. For | |
75 | swap encryption, <filename>/dev/urandom</filename> may be used as key file, resulting in a randomized | |
76 | key.</para> | |
77 | ||
78 | <para>If the specified key file path refers to an <constant>AF_UNIX</constant> stream socket in the | |
79 | file system, the key is acquired by connecting to the socket and reading it from the connection. This | |
80 | allows the implementation of a service to provide key information dynamically, at the moment when it is | |
81 | needed. For details see below.</para></listitem> | |
82 | ||
da115b93 | 83 | <listitem><para>The fourth field, if present, is a comma-delimited list of options. The supported |
96e9a9a4 LP |
84 | options are listed below.</para></listitem> |
85 | </orderedlist> | |
cf1e172d LP |
86 | </refsect1> |
87 | ||
88 | <refsect1> | |
89 | <title>Key Acquisition</title> | |
90 | ||
91 | <para>Six different mechanisms for acquiring the decryption key or passphrase unlocking the encrypted | |
92 | volume are supported. Specifically:</para> | |
93 | ||
94 | <orderedlist> | |
95 | ||
96 | <listitem><para>Most prominently, the user may be queried interactively during volume activation | |
0923b425 | 97 | (i.e. typically at boot), asking them to type in the necessary passphrases.</para></listitem> |
cf1e172d LP |
98 | |
99 | <listitem><para>The (unencrypted) key may be read from a file on disk, possibly on removable media. The third field | |
100 | of each line encodes the location, for details see above.</para></listitem> | |
101 | ||
102 | <listitem><para>The (unencrypted) key may be requested from another service, by specifying an | |
103 | <constant>AF_UNIX</constant> file system socket in place of a key file in the third field. For details | |
104 | see above and below.</para></listitem> | |
105 | ||
106 | <listitem><para>The key may be acquired via a PKCS#11 compatible hardware security token or | |
107 | smartcard. In this case an encrypted key is stored on disk/removable media, acquired via | |
108 | <constant>AF_UNIX</constant>, or stored in the LUKS2 JSON token metadata header. The encrypted key is | |
109 | then decrypted by the PKCS#11 token with an RSA key stored on it, and then used to unlock the encrypted | |
110 | volume. Use the <option>pkcs11-uri=</option> option described below to use this mechanism.</para></listitem> | |
111 | ||
6163dac4 ZJS |
112 | <listitem><para>Similarly, the key may be acquired via a FIDO2 compatible hardware security token |
113 | (which must implement the "hmac-secret" extension). In this case a key generated randomly during | |
114 | enrollment is stored on disk/removable media, acquired via <constant>AF_UNIX</constant>, or stored in | |
115 | the LUKS2 JSON token metadata header. The random key is hashed via a keyed hash function (HMAC) on the | |
116 | FIDO2 token, using a secret key stored on the token that never leaves it. The resulting hash value is | |
117 | then used as key to unlock the encrypted volume. Use the <option>fido2-device=</option> option | |
118 | described below to use this mechanism.</para></listitem> | |
119 | ||
120 | <listitem><para>Similarly, the key may be acquired via a TPM2 security chip. In this case a (during | |
cf1e172d LP |
121 | enrollment) randomly generated key — encrypted by an asymmetric key derived from the TPM2 chip's seed |
122 | key — is stored on disk/removable media, acquired via <constant>AF_UNIX</constant>, or stored in the | |
123 | LUKS2 JSON token metadata header. Use the <option>tpm2-device=</option> option described below to use | |
124 | this mechanism.</para></listitem> | |
125 | </orderedlist> | |
126 | ||
127 | <para>For the latter five mechanisms the source for the key material used for unlocking the volume is | |
128 | primarily configured in the third field of each <filename>/etc/crypttab</filename> line, but may also | |
129 | configured in <filename>/etc/cryptsetup-keys.d/</filename> and | |
130 | <filename>/run/cryptsetup-keys.d/</filename> (see above) or in the LUKS2 JSON token header (in case of | |
131 | the latter three). Use the | |
132 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
133 | tool to enroll PKCS#11, FIDO2 and TPM2 devices in LUKS2 volumes.</para> | |
134 | </refsect1> | |
135 | ||
136 | <refsect1> | |
137 | <title>Supported Options</title> | |
138 | ||
139 | <para>The following options may be used in the fourth field of each line:</para> | |
798d3a52 ZJS |
140 | |
141 | <variablelist class='fstab-options'> | |
142 | ||
798d3a52 ZJS |
143 | <varlistentry> |
144 | <term><option>cipher=</option></term> | |
145 | ||
b12bd993 ZJS |
146 | <listitem><para>Specifies the cipher to use. See <citerefentry |
147 | project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> | |
148 | for possible values and the default value of this option. A cipher with unpredictable IV values, such | |
149 | as <literal>aes-cbc-essiv:sha256</literal>, is recommended. Embedded commas in the cipher | |
150 | specification need to be escaped by preceding them with a backslash, see example below.</para> | |
151 | </listitem> | |
798d3a52 ZJS |
152 | </varlistentry> |
153 | ||
ed3657d5 ZJS |
154 | <varlistentry> |
155 | <term><option>discard</option></term> | |
156 | ||
157 | <listitem><para>Allow discard requests to be passed through the encrypted block | |
158 | device. This improves performance on SSD storage but has security implications. | |
159 | </para></listitem> | |
160 | </varlistentry> | |
161 | ||
798d3a52 ZJS |
162 | <varlistentry> |
163 | <term><option>hash=</option></term> | |
164 | ||
165 | <listitem><para>Specifies the hash to use for password | |
166 | hashing. See | |
3ba3a79d | 167 | <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
798d3a52 ZJS |
168 | for possible values and the default value of this |
169 | option.</para></listitem> | |
170 | </varlistentry> | |
171 | ||
172 | <varlistentry> | |
173 | <term><option>header=</option></term> | |
174 | ||
70390240 KZ |
175 | <listitem><para>Use a detached (separated) metadata device or file |
176 | where the header containing the master key(s) is stored. This | |
177 | option is only relevant for LUKS and TrueCrypt/VeraCrypt devices. See | |
3ba3a79d | 178 | <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
70390240 | 179 | for possible values and the default value of this option.</para> |
13445d97 | 180 | |
cf1e172d LP |
181 | <para>Optionally, the path may be followed by <literal>:</literal> and an |
182 | <filename>/etc/fstab</filename> device specification (e.g. starting with <literal>UUID=</literal> or | |
183 | similar); in which case, the path is relative to the device file system root. The device gets mounted | |
184 | automatically for LUKS device activation duration only.</para></listitem> | |
798d3a52 ZJS |
185 | </varlistentry> |
186 | ||
187 | <varlistentry> | |
188 | <term><option>keyfile-offset=</option></term> | |
189 | ||
190 | <listitem><para>Specifies the number of bytes to skip at the | |
191 | start of the key file. See | |
3ba3a79d | 192 | <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
798d3a52 ZJS |
193 | for possible values and the default value of this |
194 | option.</para></listitem> | |
195 | </varlistentry> | |
196 | ||
197 | <varlistentry> | |
198 | <term><option>keyfile-size=</option></term> | |
199 | ||
200 | <listitem><para>Specifies the maximum number of bytes to read | |
201 | from the key file. See | |
3ba3a79d | 202 | <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
798d3a52 ZJS |
203 | for possible values and the default value of this option. This |
204 | option is ignored in plain encryption mode, as the key file | |
205 | size is then given by the key size.</para></listitem> | |
206 | </varlistentry> | |
207 | ||
6e41f4dd LP |
208 | <varlistentry> |
209 | <term><option>keyfile-erase</option></term> | |
210 | ||
211 | <listitem><para>If enabled, the specified key file is erased after the volume is activated or when | |
212 | activation fails. This is in particular useful when the key file is only acquired transiently before | |
213 | activation (e.g. via a file in <filename>/run/</filename>, generated by a service running before | |
214 | activation), and shall be removed after use. Defaults to off.</para></listitem> | |
215 | </varlistentry> | |
216 | ||
798d3a52 ZJS |
217 | <varlistentry> |
218 | <term><option>key-slot=</option></term> | |
219 | ||
220 | <listitem><para>Specifies the key slot to compare the | |
221 | passphrase or key against. If the key slot does not match the | |
222 | given passphrase or key, but another would, the setup of the | |
223 | device will fail regardless. This option implies | |
224 | <option>luks</option>. See | |
3ba3a79d | 225 | <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
798d3a52 ZJS |
226 | for possible values. The default is to try all key slots in |
227 | sequential order.</para></listitem> | |
228 | </varlistentry> | |
229 | ||
4e133451 | 230 | <varlistentry> |
231 | <term><option>keyfile-timeout=</option></term> | |
232 | ||
233 | <listitem><para> Specifies the timeout for the device on | |
7aa0b012 CHY |
234 | which the key file resides or the device used as the key file, |
235 | and falls back to a password if it could not be accessed. See | |
4e133451 | 236 | <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
237 | for key files on external devices. | |
238 | </para></listitem> | |
239 | </varlistentry> | |
240 | ||
798d3a52 ZJS |
241 | <varlistentry> |
242 | <term><option>luks</option></term> | |
243 | ||
244 | <listitem><para>Force LUKS mode. When this mode is used, the | |
245 | following options are ignored since they are provided by the | |
246 | LUKS header on the device: <option>cipher=</option>, | |
247 | <option>hash=</option>, | |
248 | <option>size=</option>.</para></listitem> | |
249 | </varlistentry> | |
250 | ||
6cc27c29 MF |
251 | <varlistentry> |
252 | <term><option>bitlk</option></term> | |
253 | ||
cf1e172d LP |
254 | <listitem><para>Decrypt BitLocker drive. Encryption parameters |
255 | are deduced by cryptsetup from BitLocker header.</para></listitem> | |
6cc27c29 MF |
256 | </varlistentry> |
257 | ||
b001ad61 ZJS |
258 | <varlistentry> |
259 | <term><option>_netdev</option></term> | |
260 | ||
261 | <listitem><para>Marks this cryptsetup device as requiring network. It will be | |
262 | started after the network is available, similarly to | |
263 | <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
264 | units marked with <option>_netdev</option>. The service unit to set up this device | |
a0dd2097 | 265 | will be ordered between <filename>remote-fs-pre.target</filename> and |
b001ad61 ZJS |
266 | <filename>remote-cryptsetup.target</filename>, instead of |
267 | <filename>cryptsetup-pre.target</filename> and | |
288c2616 ZJS |
268 | <filename>cryptsetup.target</filename>.</para> |
269 | ||
270 | <para>Hint: if this device is used for a mount point that is specified in | |
271 | <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
272 | the <option>_netdev</option> option should also be used for the mount | |
273 | point. Otherwise, a dependency loop might be created where the mount point | |
274 | will be pulled in by <filename>local-fs.target</filename>, while the | |
275 | service to configure the network is usually only started <emphasis>after</emphasis> | |
276 | the local file system has been mounted.</para> | |
277 | </listitem> | |
b001ad61 ZJS |
278 | </varlistentry> |
279 | ||
798d3a52 ZJS |
280 | <varlistentry> |
281 | <term><option>noauto</option></term> | |
282 | ||
5d0e4851 ZJS |
283 | <listitem><para>This device will not be added to <filename>cryptsetup.target</filename>. |
284 | This means that it will not be automatically unlocked on boot, unless something else pulls | |
285 | it in. In particular, if the device is used for a mount point, it'll be unlocked | |
286 | automatically during boot, unless the mount point itself is also disabled with | |
287 | <option>noauto</option>.</para></listitem> | |
798d3a52 ZJS |
288 | </varlistentry> |
289 | ||
290 | <varlistentry> | |
291 | <term><option>nofail</option></term> | |
292 | ||
5d0e4851 | 293 | <listitem><para>This device will not be a hard dependency of |
7792d9cd | 294 | <filename>cryptsetup.target</filename>. It'll still be pulled in and started, but the system |
5d0e4851 ZJS |
295 | will not wait for the device to show up and be unlocked, and boot will not fail if this is |
296 | unsuccessful. Note that other units that depend on the unlocked device may still fail. In | |
7792d9cd AZ |
297 | particular, if the device is used for a mount point, the mount point itself also needs to |
298 | have the <option>nofail</option> option, or the boot will fail if the device is not unlocked | |
5d0e4851 | 299 | successfully.</para></listitem> |
798d3a52 ZJS |
300 | </varlistentry> |
301 | ||
ed3657d5 ZJS |
302 | <varlistentry> |
303 | <term><option>offset=</option></term> | |
304 | ||
305 | <listitem><para>Start offset in the backend device, in 512-byte sectors. This | |
306 | option is only relevant for plain devices.</para></listitem> | |
307 | </varlistentry> | |
308 | ||
798d3a52 ZJS |
309 | <varlistentry> |
310 | <term><option>plain</option></term> | |
311 | ||
312 | <listitem><para>Force plain encryption mode.</para></listitem> | |
313 | </varlistentry> | |
314 | ||
315 | <varlistentry> | |
316 | <term><option>read-only</option></term><term><option>readonly</option></term> | |
317 | ||
318 | <listitem><para>Set up the encrypted block device in read-only | |
319 | mode.</para></listitem> | |
320 | </varlistentry> | |
321 | ||
2c65512e YW |
322 | <varlistentry> |
323 | <term><option>same-cpu-crypt</option></term> | |
324 | ||
cf1e172d | 325 | <listitem><para>Perform encryption using the same CPU that IO was submitted on. The default is to use |
2c65512e | 326 | an unbound workqueue so that encryption work is automatically balanced between available CPUs.</para> |
e9dd6984 | 327 | |
2c65512e YW |
328 | <para>This requires kernel 4.0 or newer.</para> |
329 | </listitem> | |
330 | </varlistentry> | |
331 | ||
332 | <varlistentry> | |
333 | <term><option>submit-from-crypt-cpus</option></term> | |
334 | ||
335 | <listitem><para>Disable offloading writes to a separate thread after encryption. There are some | |
e9dd6984 ZJS |
336 | situations where offloading write requests from the encryption threads to a dedicated thread degrades |
337 | performance significantly. The default is to offload write requests to a dedicated thread because it | |
338 | benefits the CFQ scheduler to have writes submitted using the same context.</para> | |
339 | ||
2c65512e YW |
340 | <para>This requires kernel 4.0 or newer.</para> |
341 | </listitem> | |
342 | </varlistentry> | |
343 | ||
227acf00 JU |
344 | <varlistentry> |
345 | <term><option>no-read-workqueue</option></term> | |
346 | ||
347 | <listitem><para>Bypass dm-crypt internal workqueue and process read requests synchronously. The | |
348 | default is to queue these requests and process them asynchronously.</para> | |
349 | ||
350 | <para>This requires kernel 5.9 or newer.</para> | |
351 | </listitem> | |
352 | </varlistentry> | |
353 | <varlistentry> | |
354 | <term><option>no-write-workqueue</option></term> | |
355 | ||
356 | <listitem><para>Bypass dm-crypt internal workqueue and process write requests synchronously. The | |
357 | default is to queue these requests and process them asynchronously.</para> | |
358 | ||
359 | <para>This requires kernel 5.9 or newer.</para> | |
360 | </listitem> | |
361 | </varlistentry> | |
362 | ||
ed3657d5 ZJS |
363 | <varlistentry> |
364 | <term><option>skip=</option></term> | |
365 | ||
366 | <listitem><para>How many 512-byte sectors of the encrypted data to skip at the | |
367 | beginning. This is different from the <option>offset=</option> option with respect | |
368 | to the sector numbers used in initialization vector (IV) calculation. Using | |
369 | <option>offset=</option> will shift the IV calculation by the same negative | |
370 | amount. Hence, if <option>offset=<replaceable>n</replaceable></option> is given, | |
371 | sector <replaceable>n</replaceable> will get a sector number of 0 for the IV | |
372 | calculation. Using <option>skip=</option> causes sector | |
373 | <replaceable>n</replaceable> to also be the first sector of the mapped device, but | |
374 | with its number for IV generation being <replaceable>n</replaceable>.</para> | |
375 | ||
376 | <para>This option is only relevant for plain devices.</para> | |
377 | </listitem> | |
378 | </varlistentry> | |
379 | ||
798d3a52 ZJS |
380 | <varlistentry> |
381 | <term><option>size=</option></term> | |
382 | ||
383 | <listitem><para>Specifies the key size in bits. See | |
3ba3a79d | 384 | <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
798d3a52 ZJS |
385 | for possible values and the default value of this |
386 | option.</para></listitem> | |
387 | </varlistentry> | |
388 | ||
a9fc6406 DJL |
389 | <varlistentry> |
390 | <term><option>sector-size=</option></term> | |
391 | ||
392 | <listitem><para>Specifies the sector size in bytes. See | |
393 | <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> | |
394 | for possible values and the default value of this | |
395 | option.</para></listitem> | |
396 | </varlistentry> | |
397 | ||
798d3a52 ZJS |
398 | <varlistentry> |
399 | <term><option>swap</option></term> | |
400 | ||
401 | <listitem><para>The encrypted block device will be used as a | |
402 | swap device, and will be formatted accordingly after setting | |
403 | up the encrypted block device, with | |
404 | <citerefentry project='man-pages'><refentrytitle>mkswap</refentrytitle><manvolnum>8</manvolnum></citerefentry>. | |
405 | This option implies <option>plain</option>.</para> | |
406 | ||
407 | <para>WARNING: Using the <option>swap</option> option will | |
408 | destroy the contents of the named partition during every boot, | |
409 | so make sure the underlying block device is specified | |
410 | correctly.</para></listitem> | |
411 | </varlistentry> | |
412 | ||
413 | <varlistentry> | |
414 | <term><option>tcrypt</option></term> | |
415 | ||
416 | <listitem><para>Use TrueCrypt encryption mode. When this mode | |
417 | is used, the following options are ignored since they are | |
418 | provided by the TrueCrypt header on the device or do not | |
419 | apply: | |
420 | <option>cipher=</option>, | |
421 | <option>hash=</option>, | |
422 | <option>keyfile-offset=</option>, | |
423 | <option>keyfile-size=</option>, | |
424 | <option>size=</option>.</para> | |
425 | ||
426 | <para>When this mode is used, the passphrase is read from the | |
427 | key file given in the third field. Only the first line of this | |
428 | file is read, excluding the new line character.</para> | |
429 | ||
430 | <para>Note that the TrueCrypt format uses both passphrase and | |
431 | key files to derive a password for the volume. Therefore, the | |
432 | passphrase and all key files need to be provided. Use | |
433 | <option>tcrypt-keyfile=</option> to provide the absolute path | |
434 | to all key files. When using an empty passphrase in | |
435 | combination with one or more key files, use | |
436 | <literal>/dev/null</literal> as the password file in the third | |
437 | field.</para></listitem> | |
438 | </varlistentry> | |
439 | ||
440 | <varlistentry> | |
441 | <term><option>tcrypt-hidden</option></term> | |
442 | ||
443 | <listitem><para>Use the hidden TrueCrypt volume. This option | |
444 | implies <option>tcrypt</option>.</para> | |
445 | ||
446 | <para>This will map the hidden volume that is inside of the | |
447 | volume provided in the second field. Please note that there is | |
448 | no protection for the hidden volume if the outer volume is | |
449 | mounted instead. See | |
3ba3a79d | 450 | <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
798d3a52 ZJS |
451 | for more information on this limitation.</para></listitem> |
452 | </varlistentry> | |
453 | ||
454 | <varlistentry> | |
455 | <term><option>tcrypt-keyfile=</option></term> | |
456 | ||
457 | <listitem><para>Specifies the absolute path to a key file to | |
458 | use for a TrueCrypt volume. This implies | |
459 | <option>tcrypt</option> and can be used more than once to | |
460 | provide several key files.</para> | |
461 | ||
462 | <para>See the entry for <option>tcrypt</option> on the | |
463 | behavior of the passphrase and key files when using TrueCrypt | |
464 | encryption mode.</para></listitem> | |
465 | </varlistentry> | |
466 | ||
467 | <varlistentry> | |
468 | <term><option>tcrypt-system</option></term> | |
469 | ||
470 | <listitem><para>Use TrueCrypt in system encryption mode. This | |
471 | option implies <option>tcrypt</option>.</para></listitem> | |
472 | </varlistentry> | |
473 | ||
52028838 GH |
474 | <varlistentry> |
475 | <term><option>tcrypt-veracrypt</option></term> | |
476 | ||
477 | <listitem><para>Check for a VeraCrypt volume. VeraCrypt is a fork of | |
478 | TrueCrypt that is mostly compatible, but uses different, stronger key | |
479 | derivation algorithms that cannot be detected without this flag. | |
480 | Enabling this option could substantially slow down unlocking, because | |
481 | VeraCrypt's key derivation takes much longer than TrueCrypt's. This | |
482 | option implies <option>tcrypt</option>.</para></listitem> | |
483 | </varlistentry> | |
484 | ||
70390240 KZ |
485 | <varlistentry> |
486 | <term><option>veracrypt-pim=</option></term> | |
487 | ||
488 | <listitem><para>Specifies a custom Personal Iteration Multiplier (PIM) | |
489 | value, which can range from 0..2147468 for standard veracrypt volumes | |
490 | and 0..65535 for veracrypt system volumes. A value of 0 will imply the | |
491 | VeraCrypt default. | |
492 | ||
493 | This option is only effective when <option>tcrypt-veracrypt</option> is | |
494 | set.</para> | |
495 | ||
496 | <para>Note that VeraCrypt enforces a minimal allowed PIM value depending on the | |
497 | password strength and the hash algorithm used for key derivation, however | |
498 | <option>veracrypt-pim=</option> is not checked against these bounds. | |
499 | <ulink url="https://www.veracrypt.fr/en/Personal%20Iterations%20Multiplier%20%28PIM%29.html">See | |
500 | documentation</ulink> for more information.</para> | |
501 | </listitem> | |
502 | </varlistentry> | |
503 | ||
798d3a52 ZJS |
504 | <varlistentry> |
505 | <term><option>timeout=</option></term> | |
506 | ||
507 | <listitem><para>Specifies the timeout for querying for a | |
508 | password. If no unit is specified, seconds is used. Supported | |
509 | units are s, ms, us, min, h, d. A timeout of 0 waits | |
510 | indefinitely (which is the default).</para></listitem> | |
511 | </varlistentry> | |
512 | ||
798d3a52 | 513 | <varlistentry> |
53ac130b | 514 | <term><option>tmp=</option></term> |
798d3a52 | 515 | |
53ac130b LP |
516 | <listitem><para>The encrypted block device will be prepared for using it as |
517 | <filename>/tmp/</filename>; it will be formatted using <citerefentry | |
518 | project='man-pages'><refentrytitle>mkfs</refentrytitle><manvolnum>8</manvolnum></citerefentry>. Takes | |
519 | a file system type as argument, such as <literal>ext4</literal>, <literal>xfs</literal> or | |
520 | <literal>btrfs</literal>. If no argument is specified defaults to <literal>ext4</literal>. This | |
521 | option implies <option>plain</option>.</para> | |
798d3a52 | 522 | |
53ac130b LP |
523 | <para>WARNING: Using the <option>tmp</option> option will destroy the contents of the named partition |
524 | during every boot, so make sure the underlying block device is specified correctly.</para></listitem> | |
798d3a52 ZJS |
525 | </varlistentry> |
526 | ||
527 | <varlistentry> | |
528 | <term><option>tries=</option></term> | |
529 | ||
530 | <listitem><para>Specifies the maximum number of times the user | |
531 | is queried for a password. The default is 3. If set to 0, the | |
532 | user is queried for a password indefinitely.</para></listitem> | |
533 | </varlistentry> | |
534 | ||
cd5f57bd LB |
535 | <varlistentry> |
536 | <term><option>headless=</option></term> | |
537 | ||
538 | <listitem><para>Takes a boolean argument, defaults to false. If true, never query interactively | |
539 | for the password/PIN. Useful for headless systems.</para></listitem> | |
540 | </varlistentry> | |
541 | ||
798d3a52 ZJS |
542 | <varlistentry> |
543 | <term><option>verify</option></term> | |
544 | ||
c2d54475 LP |
545 | <listitem><para>If the encryption password is read from console, it has to be entered twice to |
546 | prevent typos.</para></listitem> | |
547 | </varlistentry> | |
548 | ||
1fa94a31 | 549 | <varlistentry> |
2cbca51a SB |
550 | <term><option>password-echo=yes|no|masked</option></term> |
551 | ||
552 | <listitem><para>Controls whether to echo passwords or security token PINs | |
553 | that are read from console. Takes a boolean or the special string <literal>masked</literal>. | |
554 | The default is <option>password-echo=masked</option>.</para> | |
555 | ||
556 | <para>If enabled, the typed characters are echoed literally. If disabled, | |
557 | the typed characters are not echoed in any form, the user will not get | |
558 | feedback on their input. If set to <literal>masked</literal>, an asterisk | |
559 | (<literal>*</literal>) is echoed for each character typed. Regardless of | |
560 | which mode is chosen, if the user hits the tabulator key (<literal>↹</literal>) | |
561 | at any time, or the backspace key (<literal>⌫</literal>) before any other | |
562 | data has been entered, then echo is turned off.</para></listitem> | |
1fa94a31 SB |
563 | </varlistentry> |
564 | ||
c2d54475 LP |
565 | <varlistentry> |
566 | <term><option>pkcs11-uri=</option></term> | |
567 | ||
cf1e172d LP |
568 | <listitem><para>Takes either the special value <literal>auto</literal> or an <ulink |
569 | url="https://tools.ietf.org/html/rfc7512">RFC7512 PKCS#11 URI</ulink> pointing to a private RSA key | |
570 | which is used to decrypt the encrypted key specified in the third column of the line. This is useful | |
571 | for unlocking encrypted volumes through PKCS#11 compatible security tokens or smartcards. See below | |
572 | for an example how to set up this mechanism for unlocking a LUKS2 volume with a YubiKey security | |
573 | token.</para> | |
574 | ||
575 | <para>If specified as <literal>auto</literal> the volume must be of type LUKS2 and must carry PKCS#11 | |
576 | security token metadata in its LUKS2 JSON token section. In this mode the URI and the encrypted key | |
577 | are automatically read from the LUKS2 JSON token header. Use | |
578 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
579 | as simple tool for enrolling PKCS#11 security tokens or smartcards in a way compatible with | |
580 | <literal>auto</literal>. In this mode the third column of the line should remain empty (that is, | |
581 | specified as <literal>-</literal>).</para> | |
582 | ||
583 | <para>The specified URI can refer directly to a private RSA key stored on a token or alternatively | |
2ccf0ff6 | 584 | just to a slot or token, in which case a search for a suitable private RSA key will be performed. In |
cf1e172d LP |
585 | this case if multiple suitable objects are found the token is refused. The encrypted key configured |
586 | in the third column of the line is passed as is (i.e. in binary form, unprocessed) to RSA | |
587 | decryption. The resulting decrypted key is then Base64 encoded before it is used to unlock the LUKS | |
588 | volume.</para> | |
589 | ||
590 | <para>Use <command>systemd-cryptenroll --pkcs11-token-uri=list</command> to list all suitable PKCS#11 | |
591 | security tokens currently plugged in, along with their URIs.</para> | |
592 | ||
593 | <para>Note that many newer security tokens that may be used as PKCS#11 security token typically also | |
594 | implement the newer and simpler FIDO2 standard. Consider using <option>fido2-device=</option> | |
595 | (described below) to enroll it via FIDO2 instead. Note that a security token enrolled via PKCS#11 | |
596 | cannot be used to unlock the volume via FIDO2, unless also enrolled via FIDO2, and vice | |
597 | versa.</para></listitem> | |
598 | </varlistentry> | |
599 | ||
600 | <varlistentry> | |
601 | <term><option>fido2-device=</option></term> | |
602 | ||
603 | <listitem><para>Takes either the special value <literal>auto</literal> or the path to a | |
604 | <literal>hidraw</literal> device node (e.g. <filename>/dev/hidraw1</filename>) referring to a FIDO2 | |
605 | security token that implements the <literal>hmac-secret</literal> extension (most current hardware | |
606 | security tokens do). See below for an example how to set up this mechanism for unlocking an encrypted | |
607 | volume with a FIDO2 security token.</para> | |
608 | ||
609 | <para>If specified as <literal>auto</literal> the FIDO2 token device is automatically discovered, as | |
610 | it is plugged in.</para> | |
611 | ||
612 | <para>FIDO2 volume unlocking requires a client ID hash (CID) to be configured via | |
613 | <option>fido2-cid=</option> (see below) and a key to pass to the security token's HMAC functionality | |
614 | (configured in the line's third column) to operate. If not configured and the volume is of type | |
615 | LUKS2, the CID and the key are read from LUKS2 JSON token metadata instead. Use | |
616 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
617 | as simple tool for enrolling FIDO2 security tokens, compatible with this automatic mode, which is | |
618 | only available for LUKS2 volumes.</para> | |
619 | ||
620 | <para>Use <command>systemd-cryptenroll --fido2-device=list</command> to list all suitable FIDO2 | |
621 | security tokens currently plugged in, along with their device nodes.</para> | |
622 | ||
623 | <para>This option implements the following mechanism: the configured key is hashed via they HMAC | |
624 | keyed hash function the FIDO2 device implements, keyed by a secret key embedded on the device. The | |
625 | resulting hash value is Base64 encoded and used to unlock the LUKS2 volume. As it should not be | |
626 | possible to extract the secret from the hardware token, it should not be possible to retrieve the | |
627 | hashed key given the configured key — without possessing the hardware token.</para> | |
628 | ||
629 | <para>Note that many security tokens that implement FIDO2 also implement PKCS#11, suitable for | |
630 | unlocking volumes via the <option>pkcs11-uri=</option> option described above. Typically the newer, | |
631 | simpler FIDO2 standard is preferable.</para></listitem> | |
632 | </varlistentry> | |
633 | ||
634 | <varlistentry> | |
635 | <term><option>fido2-cid=</option></term> | |
636 | ||
637 | <listitem><para>Takes a Base64 encoded FIDO2 client ID to use for the FIDO2 unlock operation. If | |
638 | specified, but <option>fido2-device=</option> is not, <option>fido2-device=auto</option> is | |
639 | implied. If <option>fido2-device=</option> is used but <option>fido2-cid=</option> is not, the volume | |
640 | must be of LUKS2 type, and the CID is read from the LUKS2 JSON token header. Use | |
641 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
642 | for enrolling a FIDO2 token in the LUKS2 header compatible with this automatic | |
643 | mode.</para></listitem> | |
644 | </varlistentry> | |
645 | ||
646 | <varlistentry> | |
647 | <term><option>fido2-rp=</option></term> | |
648 | ||
649 | <listitem><para>Takes a string, configuring the FIDO2 Relying Party (rp) for the FIDO2 unlock | |
3d62af7d | 650 | operation. If not specified <literal>io.systemd.cryptsetup</literal> is used, except if the LUKS2 |
cf1e172d LP |
651 | JSON token header contains a different value. It should normally not be necessary to override |
652 | this.</para></listitem> | |
653 | </varlistentry> | |
654 | ||
655 | <varlistentry> | |
656 | <term><option>tpm2-device=</option></term> | |
657 | ||
658 | <listitem><para>Takes either the special value <literal>auto</literal> or the path to a device node | |
659 | (e.g. <filename>/dev/tpmrm0</filename>) referring to a TPM2 security chip. See below for an example | |
660 | how to set up this mechanism for unlocking an encrypted volume with a TPM2 chip.</para> | |
661 | ||
662 | <para>Use <option>tpm2-pcrs=</option> (see below) to configure the set of TPM2 PCRs to bind the | |
663 | volume unlocking to. Use | |
664 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
665 | as simple tool for enrolling TPM2 security chips in LUKS2 volumes.</para> | |
666 | ||
667 | <para>If specified as <literal>auto</literal> the TPM2 device is automatically discovered. Use | |
668 | <command>systemd-cryptenroll --tpm2-device=list</command> to list all suitable TPM2 devices currently | |
669 | available, along with their device nodes.</para> | |
670 | ||
671 | <para>This option implements the following mechanism: when enrolling a TPM2 device via | |
672 | <command>systemd-cryptenroll</command> on a LUKS2 volume, a randomized key unlocking the volume is | |
673 | generated on the host and loaded into the TPM2 chip where it is encrypted with an asymmetric | |
674 | "primary" key pair derived from the TPM2's internal "seed" key. Neither the seed key nor the primary | |
675 | key are permitted to ever leave the TPM2 chip — however, the now encrypted randomized key may. It is | |
676 | saved in the LUKS2 volume JSON token header. When unlocking the encrypted volume, the primary key | |
677 | pair is generated on the TPM2 chip again (which works as long as the chip's seed key is correctly | |
678 | maintained by the TPM2 chip), which is then used to decrypt (on the TPM2 chip) the encrypted key from | |
679 | the LUKS2 volume JSON token header saved there during enrollment. The resulting decrypted key is then | |
680 | used to unlock the volume. When the randomized key is encrypted the current values of the selected | |
681 | PCRs (see below) are included in the operation, so that different PCR state results in different | |
682 | encrypted keys and the decrypted key can only be recovered if the same PCR state is | |
683 | reproduced.</para></listitem> | |
684 | </varlistentry> | |
685 | ||
686 | <varlistentry> | |
687 | <term><option>tpm2-pcrs=</option></term> | |
688 | ||
a1788a69 LP |
689 | <listitem><para>Takes a <literal>+</literal> separated list of numeric TPM2 PCR (i.e. "Platform |
690 | Configuration Register") indexes to bind the TPM2 volume unlocking to. This option is only useful | |
691 | when TPM2 enrollment metadata is not available in the LUKS2 JSON token header already, the way | |
cf1e172d LP |
692 | <command>systemd-cryptenroll</command> writes it there. If not used (and no metadata in the LUKS2 |
693 | JSON token header defines it), defaults to a list of a single entry: PCR 7. Assign an empty string to | |
694 | encode a policy that binds the key to no PCRs, making the key accessible to local programs regardless | |
695 | of the current PCR state.</para></listitem> | |
798d3a52 ZJS |
696 | </varlistentry> |
697 | ||
4005d41e GG |
698 | <varlistentry> |
699 | <term><option>tpm2-pin=</option></term> | |
700 | ||
701 | <listitem><para>Takes a boolean argument, defaults to <literal>false</literal>. Controls whether | |
702 | TPM2 volume unlocking is bound to a PIN in addition to PCRs. Similarly, this option is only useful | |
703 | when TPM2 enrollment metadata is not available.</para></listitem> | |
704 | </varlistentry> | |
705 | ||
dc63b2c9 LP |
706 | <varlistentry> |
707 | <term><option>tpm2-signature=</option></term> | |
708 | ||
709 | <listitem><para>Takes an absolute path to a TPM2 PCR JSON signature file, as produced by the | |
710 | <citerefentry><refentrytitle>systemd-measure</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
711 | tool. This permits locking LUKS2 volumes to any PCR values for which a valid signature matching a | |
712 | public key specified at key enrollment time can be provided. See | |
713 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
714 | for details on enrolling TPM2 PCR public keys. If this option is not specified but it is attempted to | |
715 | unlock a LUKS2 volume with a signed TPM2 PCR enrollment a suitable signature file | |
716 | <filename>tpm2-pcr-signature.json</filename> is searched for in <filename>/etc/systemd/</filename>, | |
717 | <filename>/run/systemd/</filename>, <filename>/usr/lib/systemd/</filename> (in this | |
718 | order).</para></listitem> | |
719 | </varlistentry> | |
720 | ||
572f7876 LP |
721 | <varlistentry> |
722 | <term><option>tpm2-measure-pcr=</option></term> | |
723 | ||
724 | <listitem><para>Controls whether to measure the volume key of the encrypted volume to a TPM2 PCR. If | |
725 | set to "no" (which is the default) no PCR extension is done. If set to "yes" the volume key is | |
726 | measured into PCR 15. If set to a decimal integer in the range 0…23 the volume key is measured into | |
727 | the specified PCR. The volume key is measured along with the activated volume name and its UUID. This | |
728 | functionality is particularly useful for the encrypted volume backing the root file system, as it | |
729 | then allows later TPM objects to be securely bound to the root file system and hence the specific | |
730 | installation.</para></listitem> | |
731 | </varlistentry> | |
732 | ||
733 | <varlistentry> | |
734 | <term><option>tpm2-measure-bank=</option></term> | |
735 | ||
736 | <listitem><para>Selects one or more TPM2 PCR banks to measure the volume key into, as configured with | |
737 | <option>tpm2-measure-pcr=</option> above. Multiple banks may be specified, separated by a colon | |
738 | character. If not specified automatically determines available and used banks. Expects a message | |
739 | digest name (e.g. <literal>sha1</literal>, <literal>sha256</literal>, …) as argument, to identify the | |
740 | bank.</para></listitem> | |
741 | </varlistentry> | |
742 | ||
2c7ec820 LP |
743 | <varlistentry> |
744 | <term><option>token-timeout=</option></term> | |
745 | ||
746 | <listitem><para>Specifies how long to wait at most for configured security devices (i.e. FIDO2, | |
747 | PKCS#11, TPM2) to show up. Takes a time value in seconds (but other time units may be specified too, | |
748 | see <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry> | |
749 | for supported formats). Defaults to 30s. Once the specified timeout elapsed authentication via | |
750 | password is attempted. Note that this timeout applies to waiting for the security device to show up — | |
751 | it does not apply to the PIN prompt for the device (should one be needed) or similar. Pass 0 to turn | |
752 | off the time-out and wait forever.</para></listitem> | |
753 | </varlistentry> | |
754 | ||
6e41f4dd LP |
755 | <varlistentry> |
756 | <term><option>try-empty-password=</option></term> | |
757 | ||
758 | <listitem><para>Takes a boolean argument. If enabled, right before asking the user for a password it | |
759 | is first attempted to unlock the volume with an empty password. This is useful for systems that are | |
760 | initialized with an encrypted volume with only an empty password set, which shall be replaced with a | |
761 | suitable password during first boot, but after activation.</para></listitem> | |
762 | </varlistentry> | |
763 | ||
ed3657d5 ZJS |
764 | <varlistentry> |
765 | <term><option>x-systemd.device-timeout=</option></term> | |
766 | ||
2c7ec820 LP |
767 | <listitem><para>Specifies how long systemd should wait for a block device to show up before |
768 | giving up on the entry. The argument is a time in seconds or explicitly specified units of | |
769 | <literal>s</literal>, <literal>min</literal>, <literal>h</literal>, <literal>ms</literal>. | |
ed3657d5 ZJS |
770 | </para></listitem> |
771 | </varlistentry> | |
772 | ||
1dc85eff FB |
773 | <varlistentry> |
774 | <term><option>x-initrd.attach</option></term> | |
775 | ||
32e27670 | 776 | <listitem><para>Setup this encrypted block device in the initrd, similarly to |
1dc85eff FB |
777 | <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry> |
778 | units marked with <option>x-initrd.mount</option>.</para> | |
779 | ||
780 | <para>Although it's not necessary to mark the mount entry for the root file system with | |
781 | <option>x-initrd.mount</option>, <option>x-initrd.attach</option> is still recommended with | |
782 | the encrypted block device containing the root file system as otherwise systemd will | |
783 | attempt to detach the device during the regular system shutdown while it's still in | |
784 | use. With this option the device will still be detached but later after the root file | |
785 | system is unmounted.</para> | |
786 | ||
32e27670 LP |
787 | <para>All other encrypted block devices that contain file systems mounted in the initrd should use |
788 | this option.</para> | |
1dc85eff FB |
789 | </listitem> |
790 | </varlistentry> | |
791 | ||
798d3a52 ZJS |
792 | </variablelist> |
793 | ||
794 | <para>At early boot and when the system manager configuration is | |
795 | reloaded, this file is translated into native systemd units by | |
796 | <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para> | |
797 | </refsect1> | |
798 | ||
96e9a9a4 LP |
799 | <refsect1> |
800 | <title><constant>AF_UNIX</constant> Key Files</title> | |
801 | ||
802 | <para>If the key file path (as specified in the third column of <filename>/etc/crypttab</filename> | |
803 | entries, see above) refers to an <constant>AF_UNIX</constant> stream socket in the file system, the key | |
804 | is acquired by connecting to the socket and reading the key from the connection. The connection is made | |
805 | from an <constant>AF_UNIX</constant> socket name in the abstract namespace, see <citerefentry | |
806 | project='man-pages'><refentrytitle>unix</refentrytitle><manvolnum>7</manvolnum></citerefentry> for | |
807 | details. The source socket name is chosen according the following format:</para> | |
808 | ||
6163dac4 | 809 | <programlisting><constant>NUL</constant> <replaceable>RANDOM</replaceable> /cryptsetup/ <replaceable>VOLUME</replaceable></programlisting> |
96e9a9a4 LP |
810 | |
811 | <para>In other words: a <constant>NUL</constant> byte (as required for abstract namespace sockets), | |
cf1e172d | 812 | followed by a random string (consisting of alphanumeric characters only), followed by the literal |
96e9a9a4 | 813 | string <literal>/cryptsetup/</literal>, followed by the name of the volume to acquire they key |
6163dac4 | 814 | for. For example, for the volume <literal>myvol</literal>:</para> |
96e9a9a4 | 815 | |
6163dac4 | 816 | <programlisting>\0d7067f78d9827418/cryptsetup/myvol</programlisting> |
96e9a9a4 LP |
817 | |
818 | <para>Services listening on the <constant>AF_UNIX</constant> stream socket may query the source socket | |
819 | name with <citerefentry | |
820 | project='man-pages'><refentrytitle>getpeername</refentrytitle><manvolnum>2</manvolnum></citerefentry>, | |
6163dac4 ZJS |
821 | and use this to determine which key to send, allowing a single listening socket to serve keys for |
822 | multiple volumes. If the PKCS#11 logic is used (see above), the socket source name is picked in similar | |
823 | fashion, except that the literal string <literal>/cryptsetup-pkcs11/</literal> is used. And similarly for | |
6c2d70ce | 824 | FIDO2 (<literal>/cryptsetup-fido2/</literal>) and TPM2 (<literal>/cryptsetup-tpm2/</literal>). A different |
6163dac4 ZJS |
825 | path component is used so that services providing key material know that the secret key was not requested |
826 | directly, but instead an encrypted key that will be decrypted via the PKCS#11/FIDO2/TPM2 logic to acquire | |
827 | the final secret key.</para> | |
96e9a9a4 | 828 | </refsect1> |
cf1e172d | 829 | |
798d3a52 | 830 | <refsect1> |
c2d54475 | 831 | <title>Examples</title> |
798d3a52 ZJS |
832 | <example> |
833 | <title>/etc/crypttab example</title> | |
b12bd993 ZJS |
834 | <para>Set up four encrypted block devices. One using LUKS for normal storage, another one for usage as |
835 | a swap device and two TrueCrypt volumes. For the fourth device, the option string is interpreted as two | |
836 | options <literal>cipher=xchacha12,aes-adiantum-plain64</literal>, | |
837 | <literal>keyfile-timeout=10s</literal>.</para> | |
798d3a52 ZJS |
838 | |
839 | <programlisting>luks UUID=2505567a-9e27-4efe-a4d5-15ad146c258b | |
840 | swap /dev/sda7 /dev/urandom swap | |
8cf3ca80 | 841 | truecrypt /dev/sda2 /etc/container_password tcrypt |
4e133451 | 842 | hidden /mnt/tc_hidden /dev/null tcrypt-hidden,tcrypt-keyfile=/etc/keyfile |
b12bd993 ZJS |
843 | external /dev/sda3 keyfile:LABEL=keydev keyfile-timeout=10s,cipher=xchacha12\,aes-adiantum-plain64 |
844 | </programlisting> | |
798d3a52 | 845 | </example> |
c2d54475 LP |
846 | |
847 | <example> | |
cf1e172d | 848 | <title>Yubikey-based PKCS#11 Volume Unlocking Example</title> |
c2d54475 LP |
849 | |
850 | <para>The PKCS#11 logic allows hooking up any compatible security token that is capable of storing RSA | |
cf1e172d LP |
851 | decryption keys for unlocking an encrypted volume. Here's an example how to set up a Yubikey security |
852 | token for this purpose on a LUKS2 volume, using <citerefentry | |
853 | project='debian'><refentrytitle>ykmap</refentrytitle><manvolnum>1</manvolnum></citerefentry> from the | |
854 | yubikey-manager project to initialize the token and | |
855 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
856 | to add it in the LUKS2 volume:</para> | |
c2d54475 LP |
857 | |
858 | <programlisting><xi:include href="yubikey-crypttab.sh" parse="text" /></programlisting> | |
859 | ||
cf1e172d LP |
860 | <para>A few notes on the above:</para> |
861 | ||
862 | <itemizedlist> | |
863 | <listitem><para>We use RSA2048, which is the longest key size current Yubikeys support</para></listitem> | |
864 | <listitem><para>We use Yubikey key slot 9d, since that's apparently the keyslot to use for decryption purposes, | |
865 | <ulink url="https://developers.yubico.com/PIV/Introduction/Certificate_slots.html">see | |
866 | documentation</ulink>.</para></listitem> | |
867 | </itemizedlist> | |
868 | </example> | |
869 | ||
870 | <example> | |
871 | <title>FIDO2 Volume Unlocking Example</title> | |
872 | ||
873 | <para>The FIDO2 logic allows using any compatible FIDO2 security token that implements the | |
874 | <literal>hmac-secret</literal> extension for unlocking an encrypted volume. Here's an example how to | |
875 | set up a FIDO2 security token for this purpose for a LUKS2 volume, using | |
876 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry>:</para> | |
877 | ||
878 | <programlisting><xi:include href="fido2-crypttab.sh" parse="text" /></programlisting> | |
879 | </example> | |
880 | ||
881 | <example> | |
882 | <title>TPM2 Volume Unlocking Example</title> | |
c2d54475 | 883 | |
cf1e172d LP |
884 | <para>The TPM2 logic allows using any TPM2 chip supported by the Linux kernel for unlocking an |
885 | encrypted volume. Here's an example how to set up a TPM2 chip for this purpose for a LUKS2 volume, | |
886 | using | |
887 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry>:</para> | |
c2d54475 | 888 | |
cf1e172d | 889 | <programlisting><xi:include href="tpm2-crypttab.sh" parse="text" /></programlisting> |
c2d54475 | 890 | </example> |
798d3a52 ZJS |
891 | </refsect1> |
892 | ||
893 | <refsect1> | |
894 | <title>See Also</title> | |
895 | <para> | |
896 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
897 | <citerefentry><refentrytitle>systemd-cryptsetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, | |
898 | <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, | |
cf1e172d | 899 | <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry>, |
288c2616 | 900 | <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>, |
3ba3a79d | 901 | <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>, |
798d3a52 ZJS |
902 | <citerefentry project='man-pages'><refentrytitle>mkswap</refentrytitle><manvolnum>8</manvolnum></citerefentry>, |
903 | <citerefentry project='man-pages'><refentrytitle>mke2fs</refentrytitle><manvolnum>8</manvolnum></citerefentry> | |
904 | </para> | |
905 | </refsect1> | |
45ae1a05 LP |
906 | |
907 | </refentry> |