On Tue, Jan 04, 2022 at 06:53:39PM -0800, Chris V wrote:
> I am working on building an automated pipeline with a disk that contains a
> LUKS
> partition. since it is running automated i need a method to provide the LUKS
> key using a file but i keep getting prompted to enter the keys. I am creating
> a file with only the key stored in it and using the --key option but i still
> get the key prompt.
>
> here is the command that i am running, can you advise me on what i need to
> change?:
> sudo guestfish -a disk.qcow2 --key /dev/sda2:file:key.txt run : part-init
> /dev/
> sda msdos : part-add /dev/sda p 2048 500000 : part-add /dev/sda p 500001
> 2097118 : mkfs ext4 /dev/sda1 : luks-format /dev/sda2 0 : luks-open /dev/sda2
> sda2_crypt : mkfs ext4 /dev/mapper/sda2_crypt
The easiest way is probably this guestfish flag:
--keys-from-stdin
Read key or passphrase parameters from stdin. The default is to
try to read passphrases from the user by opening /dev/tty.
If there are multiple encrypted devices then you may need to supply
multiple keys on stdin, one per line.
You can feed the key by redirecting stdin.
However a better way is likely to use the API directly for what you
want, eg. through a Perl or Python script. You can supply the key
directly as a parameter when using the API.
https://libguestfs.org/guestfs.3.html#guestfs_luks_open
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org
_______________________________________________
Libguestfs mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/libguestfs
