Clevis/Tang in 802.1X network

Question

Clevis/Tang in 802.1X network

kirkog86 opened this issue a year ago · 4 comments

Need to authenticate to the network using 802.1x before the root volume can be decrypted with clevis/tang
Our network is secured with 802.1x and our root volume is encrypted and needs to be decrypted through the network with clevis/tang before the system can be used. How can we authenticate to the network to decrypt the volume so that the boot process can be completed?

Answer 1 · 2023-12-04T11:37:26.000Z

This isn't really relating to clevis, right?
You need to provide the right network config in your initrd and that depends on your initrd generator and which network stack you use in the initrd.

Answer 2 · 2023-12-26T11:05:14.000Z

Yep, you are correct, my bad...
NetworkManager + wpa_supplicant in initrd or 802.1x network configuration to allow TCPIP/DHCP/HTTP before 802.1x authentication.

Answer 3 · 2024-01-04T14:14:30.000Z

@kirkog86 : can this issue be closed then?

Answer 4 · 2024-01-04T14:24:02.000Z

Yes, thanks!

…

On Thu, 4 Jan 2024 at 16:14, Sergio Arroutbi ***@***.***> wrote: @kirkog86 <https://github.com/kirkog86> : can this issue be closed then? — Reply to this email directly, view it on GitHub <#443 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AEE6MKPB4CTUS373WCWX45DYM22NBAVCNFSM6AAAAABAFTSPZOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNZXGE3DANJVGY> . You are receiving this because you were mentioned.Message ID: ***@***.***>