#237 [RFE] Request for central key server that initrd will leverage during boot for encrypted filesystems
Closed: worksforme 3 years ago by pcech. Opened 13 years ago by rcritten.

https://bugzilla.redhat.com/show_bug.cgi?id=515837

This is about key management for the disk volumes.
There are several use cases:

  1. The user uses a pass-phrase for disk encryption. There should be a way to recover the disk if the user leaves the company or forgets the password. Central server should keep knowledge that would allow it to reveal to a trusted entity the way how the disk volume can be unlocked.
  2. The trusted entity can be either a user who presented his credentials and established its identity or a trusted machine that also established its identity and has the task of the recovering of the disk volumes on behalf of other machines. This automated scenario and workflow requires a lot of thinking as it has all attributes of the chicken and egg problem.

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: Tickets Deferred

7 years ago

Clevis-tang solves this problem. So we are closing this.

Metadata Update from @pcech:
- Issue close_status updated to: worksforme
- Issue status updated to: Closed (was: Open)

3 years ago

Login to comment on this ticket.

Metadata