latchset
Issues registering with Tang server
Hi all.
I've just been building a new Tang setup, and having issues registering against out tang servers. I've built a fresh CentOS 7 VM as the client with Clevis installed on it, but when registering and i'm supposed to be prompted for the current LUKS password, it just skips/exits. (See attached screenshot)
Any suggestions?
I've tried rebooting a few times, and this machine can curl the /adv URL of the Tang server OK.
Also just tried changing the existing LUKS password, which changed successfully, but still get the above when trying to register against a Tang server.
Apologises npmcallum, i'm away from the office now till Monday, so can't confirm. I installed it very recently, maybe....a week ago. But i'll confirm next week. Thanks
I just want to confirm the issue. I'm currently experimenting with clevis/tang and Ubuntu 18.04. When binding luks, I got the trust keys prompt. After that it just skips (without asking for a luks passphrase). Just as described by @johnandrews17. According to the tang server log everything was ok and adv request was received.
The issue was solved after creating new tang keys and removing the original keys which were created automatically during tang installation. After that the luks bind could be done as expected.
~]# DB=/var/db/tang ~]# jose jwk gen -i '{"alg":"ES512"}' -o $DB/new_sig.jwk ~]# jose jwk gen -i '{"alg":"ECMR"}' -o $DB/new_exc.jwk
@johnandrews17 , @XueSheng-GIT : have you tried this with latest versions of Clevis?
