This repository has been archived by the owner on Feb 7, 2023. It is now read-only.
I am working through using meta-encrypted-storage following section use case 2: luks-setup.sh and have encountered some issues. I am using branch Sumo but this doesn't seem to have changed much since then afaik.
1. In `luks-setup.sh`, the parameters for `tpm2_takeownership` don't work for me. `--LockPasswd` I believe is `--lock-passwd`. If you do set a lock password, `tpm2_dictionarylockout` fails. I think this is because setting a password requires the clearing and the setting of the password to be two commands. This worked for me:
2. If a partition exists, the script fails to wait for the user to acknowledge the overwrite of the existing partition and errors with `Unable to create the LUKS partition on $luks_dev`. This worked for me:
Replacing

```sh
! cryptsetup --type luks --cipher aes-xts-plain --hash sha256 \
    --use-random --key-file "$passphrase" luksFormat "$luks_dev" &&
    print_error "Unable to create the LUKS partition on $luks_dev" &&
    return 1
```

With

```sh
cmd="cryptsetup --type luks --cipher aes-xts-plain --hash sha256 \
    --use-random --key-file '$passphrase' luksFormat '$luks_dev'"
eval "$cmd"
if [ $? -ne 0 ]; then
    print_error "Unable to create the LUKS partition on $luks_dev"
    return 1
fi
```
3. Once the LUKS partition is created, the next step in the guide, "Retrieve the passphrase", errors out as below:

```
root@hwr-01:~# cryptfs-tpm2 -q unseal passphrase -P sha256 -o /tmp/passphrase
Wed Mar 27 01:27:59 UTC 2019: [INFO] Use tabrmd as the default tcti interface
Wed Mar 27 01:27:59 UTC 2019: [ERROR] Unable to find out the tabrmd tcti library
Wed Mar 27 01:27:59 UTC 2019: [ERROR] Unable to get the TPM PCR banks (0x80005)
Wed Mar 27 01:27:59 UTC 2019: [ERROR] Unsupported PCR bank algorithm
```
Just wondering your thoughts on if I am missing something obvious or how to proceed with 3.
Kind Regards,
Ham.
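An added example, not part of the original post or of the meta-encrypted-storage scripts: it contrasts the `eval` string form from the replacement above with a direct invocation, using a hypothetical `run_format` stub in place of `cryptsetup` and a constructed key-file path. Because the `eval` string is parsed a second time by the shell, quotes and spaces inside `$passphrase` change the arguments, while the direct form passes the path through unchanged.

```shell
#!/bin/sh
# run_format is a hypothetical stand-in for cryptsetup (no root or block
# device needed): it records how many arguments it received and the value
# that followed --key-file.
run_format() {
    SEEN_ARGC=$#
    SEEN_KEYFILE=
    while [ $# -gt 0 ]; do
        if [ "$1" = "--key-file" ]; then SEEN_KEYFILE=$2; fi
        shift
    done
}

print_error() { echo "[ERROR] $*" >&2; }

# String form, as in the replacement posted above: the shell re-parses $cmd.
format_with_eval() {
    luks_dev=$1 passphrase=$2
    cmd="run_format --type luks --cipher aes-xts-plain --hash sha256 \
        --use-random --key-file '$passphrase' luksFormat '$luks_dev'"
    eval "$cmd"
    if [ $? -ne 0 ]; then
        print_error "Unable to create the LUKS partition on $luks_dev"
        return 1
    fi
}

# Direct form: each quoted expansion stays exactly one argument.
format_direct() {
    luks_dev=$1 passphrase=$2
    if ! run_format --type luks --cipher aes-xts-plain --hash sha256 \
            --use-random --key-file "$passphrase" luksFormat "$luks_dev"; then
        print_error "Unable to create the LUKS partition on $luks_dev"
        return 1
    fi
}

# Constructed sample path containing single quotes and a space.
KEY="/tmp/owner's key's.bin"
format_with_eval /dev/sdX "$KEY"
echo "eval:   argc=$SEEN_ARGC key-file=$SEEN_KEYFILE"
format_direct /dev/sdX "$KEY"
echo "direct: argc=$SEEN_ARGC key-file=$SEEN_KEYFILE"
```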
hmckinlay changed the title from "use case 2 luks-setup.sh issues" to "meta-encrypted-storage use case 2 luks-setup.sh issues" on Apr 3, 2019
Hi Jiazhang0,
Replacing

```sh
[ -n "$OPT_LOCKOUT_AUTH" ] && cmd="${cmd} --lockPasswd $OPT_LOCKOUT_AUTH"
```

With

```sh
[ -n "$OPT_LOCKOUT_AUTH" ] && cmd="${cmd} && tpm2_takeownership --lock-passwd $OPT_LOCKOUT_AUTH"
```