aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2024-02-24 08:51:02 -0300
committerSilvio Rhatto <rhatto@riseup.net>2024-02-24 08:51:02 -0300
commit4395ba1f645d36fa0a29e63f43d6a14e5c052372 (patch)
tree94bfe32fcbac6280c71bb021fcd5a41fd2082d26
parent9f440e8797b26d0bd6498acc8058331f6391d9ed (diff)
downloadhydra-4395ba1f645d36fa0a29e63f43d6a14e5c052372.tar.gz
hydra-4395ba1f645d36fa0a29e63f43d6a14e5c052372.tar.bz2
Fix: hydractl: provision: run cryptsetup mostly with defaults, which nowadays ensures luks2 and argon2id
-rwxr-xr-xshare/hydractl/provision8
1 files changed, 4 insertions, 4 deletions
diff --git a/share/hydractl/provision b/share/hydractl/provision
index 99853f0..783f2ae 100755
--- a/share/hydractl/provision
+++ b/share/hydractl/provision
@@ -54,13 +54,13 @@ function hydra_cryptsetup {
# Run cryptsetup with custom parameters
#hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random -y -q luksFormat $1
- # Run cryptsetup mostly with defaults
- #hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1
-
# GRUB2 from bullseye (or even older) does not support LUKS2, which seems
# the default type for luksFormat since bullseye at least
# See https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html
- hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1
+ #hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1
+
+ # Run cryptsetup mostly with defaults
+ hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1
fi
}