diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2024-02-24 08:51:02 -0300 | 
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2024-02-24 08:51:02 -0300 | 
| commit | 4395ba1f645d36fa0a29e63f43d6a14e5c052372 (patch) | |
| tree | 94bfe32fcbac6280c71bb021fcd5a41fd2082d26 | |
| parent | 9f440e8797b26d0bd6498acc8058331f6391d9ed (diff) | |
| download | hydra-4395ba1f645d36fa0a29e63f43d6a14e5c052372.tar.gz hydra-4395ba1f645d36fa0a29e63f43d6a14e5c052372.tar.bz2 | |
Fix: hydractl: provision: run cryptsetup mostly with defaults, which nowadays ensures luks2 and argon2id
| -rwxr-xr-x | share/hydractl/provision | 8 | 
1 files changed, 4 insertions, 4 deletions
| diff --git a/share/hydractl/provision b/share/hydractl/provision index 99853f0..783f2ae 100755 --- a/share/hydractl/provision +++ b/share/hydractl/provision @@ -54,13 +54,13 @@ function hydra_cryptsetup {      # Run cryptsetup with custom parameters      #hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random -y -q luksFormat $1 -    # Run cryptsetup mostly with defaults -    #hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1 -      # GRUB2 from bullseye (or even older) does not support LUKS2, which seems      # the default type for luksFormat since bullseye at least      # See https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html -    hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1 +    #hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1 + +    # Run cryptsetup mostly with defaults +    hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1    fi  } | 
