confluent

mirror of https://github.com/xcat2/confluent.git synced 2024-11-22 01:22:00 +00:00

History

Jarrod Johnson 329f2b4485 Amend cryptboot implementation for Ubuntu 22/24, EL8/EL9 Provide mechanism for administrator to place a custom key for potential interactive recovery into /var/lib/confluent/private/os/<profile>/pending/luks.key If not provided, generate a unique one for each install. Either way, persist the key in /etc/confluent/luks.key, to facilitate later resealing if the user wants (clevis nor systemd prior to 256 supports unlock via TPM2, so keyfile is required for now). Migrating to otherwise escrowed passphrases and/or sealing to specific TPMs will be left to operators and/or third parties.	2024-07-29 10:17:14 -04:00
..
initramfs	Fix Ubuntu 24.04 network bring up	2024-07-12 15:15:56 -04:00
profiles/default	Amend cryptboot implementation for Ubuntu 22/24, EL8/EL9	2024-07-29 10:17:14 -04:00

Jarrod Johnson 329f2b4485 Amend cryptboot implementation for Ubuntu 22/24, EL8/EL9

Provide mechanism for administrator to place a custom
key for potential interactive recovery into
/var/lib/confluent/private/os/<profile>/pending/luks.key

If not provided, generate a unique one for each install.

Either way, persist the key in /etc/confluent/luks.key, to
facilitate later resealing if the user wants (clevis nor systemd
prior to 256 supports unlock via TPM2, so keyfile is required
for now).

Migrating to otherwise escrowed passphrases and/or sealing to
specific TPMs will be left to operators and/or third parties.

2024-07-29 10:17:14 -04:00

initramfs

Fix Ubuntu 24.04 network bring up

2024-07-12 15:15:56 -04:00

profiles/default

Amend cryptboot implementation for Ubuntu 22/24, EL8/EL9

2024-07-29 10:17:14 -04:00