From 4395ba1f645d36fa0a29e63f43d6a14e5c052372 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Sat, 24 Feb 2024 08:51:02 -0300
Subject: Fix: hydractl: provision: run cryptsetup mostly with defaults, which
 nowadays ensures luks2 and argon2id

---
 share/hydractl/provision | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/share/hydractl/provision b/share/hydractl/provision
index 99853f0..783f2ae 100755
--- a/share/hydractl/provision
+++ b/share/hydractl/provision
@@ -54,13 +54,13 @@ function hydra_cryptsetup {
     # Run cryptsetup with custom parameters
     #hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random -y -q luksFormat $1
 
-    # Run cryptsetup mostly with defaults
-    #hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1
-
     # GRUB2 from bullseye (or even older) does not support LUKS2, which seems
     # the default type for luksFormat since bullseye at least
     # See https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html
-    hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1
+    #hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1
+
+    # Run cryptsetup mostly with defaults
+    hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1
   fi
 }
 
-- 
cgit v1.2.3