Closed coreycothrum closed 1 year ago
Current LUKS keys are defined @ build time. All devices provisioned from that build share the same LUKS master key.
Would it be good to perform a cryptsetup reencrypt? Ideally just once. This would give each device unique keys.
cryptsetup reencrypt
Probably some sort of systemd service @ boot time.
https://man7.org/linux/man-pages/man8/cryptsetup.8.html
Current LUKS keys are defined @ build time. All devices provisioned from that build share the same LUKS master key.
Would it be good to perform a
cryptsetup reencrypt? Ideally just once. This would give each device unique keys.Probably some sort of systemd service @ boot time.
https://man7.org/linux/man-pages/man8/cryptsetup.8.html