I am using clevis and tang just fine on a RHEL 8.8 system with an encrypted root device. However, when I encrypt a second device (internal drive) with the same passphrase the system prompts for the passphrase at boot. I have added _netdev flag to crypttab and fstab. However, I did NOT bind the second device to the tang server. Do all additional devices need to be bound independently? If so, I suppose this means there is a functional limit of 8 encrypted devices per system since there are only 8 key slots. Is that right? clevis-luks-askpass service is enabled, but I am not clear on if it is helpful in this case.
I am using clevis and tang just fine on a RHEL 8.8 system with an encrypted root device. However, when I encrypt a second device (internal drive) with the same passphrase the system prompts for the passphrase at boot. I have added _netdev flag to crypttab and fstab. However, I did NOT bind the second device to the tang server. Do all additional devices need to be bound independently? If so, I suppose this means there is a functional limit of 8 encrypted devices per system since there are only 8 key slots. Is that right? clevis-luks-askpass service is enabled, but I am not clear on if it is helpful in this case.