blob: 35f03b6112f1539b7f7f8d9a62810de804612898 (plain
# Use the PBA agent from sedutil that supports only password input
# or use custom the PBA agent that supports keyfile, yubikey and
# password input. This will result in the smallest initramfs image.
# All the settings below this one only have any effect if USE_SEDUTIL_PBA=0
# The challenge to send to the yubikey. The response will unlock the
# keyring file. Use the challenge configured here as the challenge when
# creating your luks encrypted keyring file. Alternatively leave the challenge
# blank to be prompted for the challenge when booting.
# Keyfile name. Use an udev rule to create a single symlink to one of many
# devices with the luks keys and add the rule file in the FILES array above,
# or set this to /dev/disk/by-id of the device where you keep the keyfile.
# How many bytes to skip in the beginning of the keyfile device
# How many bytes to read from the keyfile device
# Wait before rebooting if the are any problems when unlocking the OPAL drives.