Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-45564

Rather than having one token slot for Clevis and one for a key, allow multiple

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • stratisd
    • None
    • RFE: Allow multiple tokens slots for encryption
    • Hide

      The following needs to be verified in order for this epic to be considered complete:

      • A pool can allow encryption with multiple keys at once. For example, the user should be allowed to bind a pool to a new key even if the pool is already encrypted with a key.
      Show
      The following needs to be verified in order for this epic to be considered complete: A pool can allow encryption with multiple keys at once. For example, the user should be allowed to bind a pool to a new key even if the pool is already encrypted with a key.
    • rhel-sst-logical-storage
    • ssg_filesystems_storage_and_HA
    • False
    • Hide

      None

      Show
      None

      Description

      At present, Stratis only allows one token slot for encryption via a key in the kernel keyring and one for Clevis. It might be good to expose the flexibility that cryptsetup provides to support multiple Clevis and keyring token slots.

       

      https://github.com/stratis-storage/stratisd/issues/3598

              jbaublit@redhat.com John Baublitz
              amulhern@redhat.com the Mulhern
              stratis-team stratis-team
              Filip Suba Filip Suba
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: