diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2024-02-24 08:51:02 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2024-02-24 08:51:02 -0300 |
| commit | 4395ba1f645d36fa0a29e63f43d6a14e5c052372 (patch) | |
| tree | 94bfe32fcbac6280c71bb021fcd5a41fd2082d26 | |
| parent | 9f440e8797b26d0bd6498acc8058331f6391d9ed (diff) | |
| download | hydra-4395ba1f645d36fa0a29e63f43d6a14e5c052372.tar.gz hydra-4395ba1f645d36fa0a29e63f43d6a14e5c052372.tar.bz2 | |
Fix: hydractl: provision: run cryptsetup mostly with defaults, which nowadays ensures luks2 and argon2id
| -rwxr-xr-x | share/hydractl/provision | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/share/hydractl/provision b/share/hydractl/provision index 99853f0..783f2ae 100755 --- a/share/hydractl/provision +++ b/share/hydractl/provision @@ -54,13 +54,13 @@ function hydra_cryptsetup { # Run cryptsetup with custom parameters #hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random -y -q luksFormat $1 - # Run cryptsetup mostly with defaults - #hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1 - # GRUB2 from bullseye (or even older) does not support LUKS2, which seems # the default type for luksFormat since bullseye at least # See https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html - hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1 + #hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1 + + # Run cryptsetup mostly with defaults + hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1 fi } |