Cryptsetup-ssh command not available although cryptsetup installed

Hi there,
I’d like to setup cryptsetup-ssh on my NixOS system which runs a luks encrypted pool setup.
I already added a keyfile using cryptsetup. Now I want to point to that keyfile using cryptsetup-ssh but it is not available:

❯ cryptsetup-ssh
cryptsetup-ssh: command not found

However, cryptsetup is installed:

❯ cryptsetup --version
cryptsetup 2.7.5 flags: UDEV BLKID KEYRING KERNEL_CAPI HW_OPAL

I already looked for nixos options for cryptsetup and for install instructions specifically for cryptsetup-ssh but I did not succeed. I’d really appreciate any advice.

Edit:
It boils down to the derivation of crypsetup which disables cyptsetup-ssh: "--disable-ssh-token".

For future reference, the following override works and install cryptsetup with cryptsetup-ssh

  nixpkgs.config.packageOverrides = pkgs: rec {
    cryptsetup = pkgs.cryptsetup.overrideAttrs {
      configureFlags = [
        "--with-crypto_backend=openssl"
        "--disable-asciidoc"
        "--enable-libargon2"
        "--with-luks2-external-tokens-path=/tmp/luks-tokens"
      ];
      buildInputs = with pkgs; [
        libssh
        lvm2
        json_c
        openssl
        libuuid
        popt
        libargon2
      ];
    };
  };

  environment.systemPackages = with pkgs; [
    cryptsetup
  ];
1 Like

You probably don’t want to override cryptsetup itself, since that will cause a lot of rebuilds to happen. You can just make a different package like cryptsetup-ssh = pkgs.cryptsetup.overrideAttrs ... and add cryptsetup-ssh to systemPackages instead.

1 Like