Hi,
i'm trying to archive network bound disk unlocking. I setup tang server in my network outside of the pve host. My pve host disk is encrypted with cryptsetup/LUKS2. I can unlock the disk at boot time with entering passphrase. So my LUKS setup is working as expected.
Now i installed clevis and clevis-initramfs on my pve host. Ad used clevis command to bind the tang server on keyslot 1 of my encrypted disk. I rebuilded my initramfs.
Rebootet. My problem is that i still stuck at the passphrase question on the bootscreen. No DHCP client looking for an IP address. No autodecryption. I have to enter my passphrase.
The network card driver is i40e. And with lsinitramfs i found that i40e.ko is a part of the initrd.image
I'm still on PVE 7.4-17 on this host. The Ethernet controller model is Intel X710. The server has two NICs.
Any idea how to debug this?
Edit: Okay i'm using VLAN and LACP with the two NICs. Maybe this is the cause of the issue. I will try without both later.
i'm trying to archive network bound disk unlocking. I setup tang server in my network outside of the pve host. My pve host disk is encrypted with cryptsetup/LUKS2. I can unlock the disk at boot time with entering passphrase. So my LUKS setup is working as expected.
Now i installed clevis and clevis-initramfs on my pve host. Ad used clevis command to bind the tang server on keyslot 1 of my encrypted disk. I rebuilded my initramfs.
Rebootet. My problem is that i still stuck at the passphrase question on the bootscreen. No DHCP client looking for an IP address. No autodecryption. I have to enter my passphrase.
The network card driver is i40e. And with lsinitramfs i found that i40e.ko is a part of the initrd.image
I'm still on PVE 7.4-17 on this host. The Ethernet controller model is Intel X710. The server has two NICs.
Any idea how to debug this?
Edit: Okay i'm using VLAN and LACP with the two NICs. Maybe this is the cause of the issue. I will try without both later.
Last edited: