1CRYPTSETUP-SSH(8) Maintenance Commands CRYPTSETUP-SSH(8)
2
3
4
6 cryptsetup-ssh - manage LUKS2 SSH token
7
9 cryptsetup-ssh <action> [<options>] <action args>
10
12 Experimental cryptsetup plugin for unlocking LUKS2 devices with token
13 connected to an SSH server.
14
15 This plugin currently allows only adding a token to an existing key
16 slot. See cryptsetup(8) for instructions on how to remove, import or
17 export the token.
18
19 Add operation
20 add <options> <device>
21
22 Adds the SSH token to <device>.
23
24 The specified SSH server must contain a key file on the specified path
25 with a passphrase for an existing key slot on the device. Provided
26 credentials will be used by cryptsetup to get the password when opening
27 the device using the token.
28
29 Options --ssh-server, --ssh-user, --ssh-keypath and --ssh-path are
30 required for this operation.
31
33 --key-slot=NUM
34 Keyslot to assign the token to. If not specified, the token will be
35 assigned to the first key slot matching provided passphrase.
36
37 --ssh-keypath=STRING
38 Path to the SSH key for connecting to the remote server.
39
40 --ssh-path=STRING
41 Path to the key file on the remote server.
42
43 --ssh-server=STRING
44 IP address/URL of the remote server for this token.
45
46 --ssh-user=STRING
47 Username used for the remote server.
48
49 --debug
50 Show debug messages
51
52 --debug-json
53 Show debug messages including JSON metadata
54
55 --verbose, -v
56 Shows more detailed error messages
57
58 --help, -?
59 Show help
60
61 --version, -V
62 Print program version
63
65 The information provided when adding the token (SSH server address,
66 user and paths) will be stored in the LUKS2 header in plaintext.
67
69 The cryptsetup-ssh tool is written by Vojtech Trefny.
70
72 Report bugs at cryptsetup mailing list <cryptsetup@lists.linux.dev> or
73 in Issues project section
74 <https://gitlab.com/cryptsetup/cryptsetup/-/issues/new>.
75
76 Please attach output of the failed command with --debug option added.
77
79 Cryptsetup FAQ
80 <https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions>
81
82 cryptsetup(8), integritysetup(8) and veritysetup(8)
83
85 Part of cryptsetup project <https://gitlab.com/cryptsetup/cryptsetup/>.
86
87
88
89cryptsetup-ssh 2.6.1 2023-02-10 CRYPTSETUP-SSH(8)