Add headless=yes to the crypttab entry for the device you want to avoid interactive passwords prompt for
On Tue, 4 Jun 2024 at 17:22, Sergio Arroutbi <sarro...@redhat.com> wrote: > > Hello Lennart. Thanks for your quick response. > > This option will disable all password prompt ... hiding also our calls to > systemd-ask-password ... is it possible to discard systemd-cryptsetup one > specifically? > > On Tue, Jun 4, 2024 at 2:52 PM Lennart Poettering <lenn...@poettering.net> > wrote: >> >> On Di, 04.06.24 13:08, Sergio Arroutbi (sarro...@redhat.com) wrote: >> >> > Hello. >> > >> > We are implementing a feature related to PKCS#11 that, when some conditions >> > are met (mostly that PKCS11 PIN has not been stored in configuration and >> > input to our systemd unit), requires systemd-cryptsetup service password >> > prompt to be hidden from TTY and executed only listening to password >> > provided by the socket defined in >> > https://systemd.io/PASSWORD_AGENTS/ >> >> The boot-time password prompt on the TTY is just an agent too. Mask it >> via "systemctl mask systemd-ask-password-console.service". >> >> Lennart >> >> -- >> Lennart Poettering, Berlin >> > > > -- > Sergio Arroutbi Braojos > Senior Software Engineer at Red Hat - Special Projects (SECENGSP) > Red Hat
