what is the most efficient way of unlocking a LUKS drive over the network when using key files?

Question

It is easy to unlock a LUKS drive over SSH when the drive takes text passwords:

cryptsetup luksOpen /dev/sdb1 mylockeddrive

Then entering the password at prompt.

Is there a way of unlocking these drives when a key file is used, short of copying the key file on the remote system?

score 6 · Accepted Answer · answered Nov 14 '16 at 18:34

6

Send the key via a pipe and tell cryptsetup to read it from standard input.

cat keyfile | ssh remotehost "cryptsetup open --type luks --key-file - /dev/sdb1"

answered Nov 14 '16 at 18:34

Michael Hampton

1 Answers1