npmccallum/nbde

Project ID: 11603

Description

Network Bound Disk Encryption

This repo contains all the packages required for the Network Bound Disk Encryption project, including clevis and tang, built for distributions where it is not natively supported (or newer versions cannot be backported).

Installation Instructions

Server

$ sudo dnf install tang $ sudo systemctl enable tangd.socket --now

Unlocking the Root Volume at Boot

$ sudo dnf install clevis-dracut $ sudo dracut -f $ sudo clevis bind luks /dev/sda1 tang '{"url": "http://tang.srv"}' The advertisement is signed with the following keys: kWwirxc5PhkFIH0yE28nc-EvjDY Do you wish to trust the advertisement? [yN] y Enter existing LUKS password: $ reboot
  1. Install clevis-dracut
  2. Rebuild initramfs
  3. Bind a disk to the Tang server
  4. Reboot

Unlocking Removable Storage in GNOME

$ sudo dnf install clevis-udisks2 $ sudo clevis bind luks /dev/sda1 tang '{"url": "http://tang.srv"}' The advertisement is signed with the following keys: kWwirxc5PhkFIH0yE28nc-EvjDY Do you wish to trust the advertisement? [yN] y Enter existing LUKS password:
  1. Install clevis-udisks2
  2. Bind a removable disk to Tang
  3. Restart your desktop session

Active Releases

The following unofficial repositories are provided as-is by owner of this project. Contact the owner directly for bugs or issues (IE: not bugzilla).

Release Architectures Repo Download
Epel for CentOS 7 ppc64le (0)*, x86_64 (0)* Epel for CentOS 7 (117 downloads)

* Total number of packages downloaded in the last seven days.