Hi there,
I’d like to setup cryptsetup-ssh on my NixOS system which runs a luks encrypted pool setup.
I already added a keyfile using cryptsetup. Now I want to point to that keyfile using cryptsetup-ssh but it is not available:
❯ cryptsetup-ssh
cryptsetup-ssh: command not found
However, cryptsetup is installed:
❯ cryptsetup --version
cryptsetup 2.7.5 flags: UDEV BLKID KEYRING KERNEL_CAPI HW_OPAL
I already looked for nixos options for cryptsetup and for install instructions specifically for cryptsetup-ssh but I did not succeed. I’d really appreciate any advice.
Edit:
It boils down to the derivation of crypsetup which disables cyptsetup-ssh: "--disable-ssh-token"
.
For future reference, the following override works and install cryptsetup with cryptsetup-ssh
nixpkgs.config.packageOverrides = pkgs: rec {
cryptsetup = pkgs.cryptsetup.overrideAttrs {
configureFlags = [
"--with-crypto_backend=openssl"
"--disable-asciidoc"
"--enable-libargon2"
"--with-luks2-external-tokens-path=/tmp/luks-tokens"
];
buildInputs = with pkgs; [
libssh
lvm2
json_c
openssl
libuuid
popt
libargon2
];
};
};
environment.systemPackages = with pkgs; [
cryptsetup
];