Provided by: cryptsetup-bin_2.4.3-1ubuntu1.3_amd64 bug

NAME
       cryptsetup-ssh - manage LUKS2 SSH token


SYNOPSIS
       cryptsetup-ssh <options> <action> <action args>


DESCRIPTION
       Experimental cryptsetup plugin for unlocking LUKS2 devices with token connected to an SSH server.

       This  plugin  currently  allows  only  adding  a  token  to  an  existing key slot, see cryptsetup(8) for
       instruction on how to remove, import or export the token.

   Add operation
       add <options> <device>

              Adds the SSH token to <device>.

              Specified SSH server must contain a key file on the  specified  path  with  a  passphrase  for  an
              existing  key  slot  on  the  device.   Provided credentials will be used by cryptsetup to get the
              password when opening the device using the token.

              --ssh-server, --ssh-user, --ssh-keypath and --ssh-path are required for this operation.

       --key-slot=NUM
              Keyslot to assign the token to. If not specified, the token will be assigned to the first key slot
              matching provided passphrase.

       --ssh-keypath=STRING
              Path to the SSH key for connecting to the remote server.

       --ssh-path=STRING
              Path to the key file on the remote server.

       --ssh-server=STRING
              IP address/URL of the remote server for this token.

       --ssh-user=STRING
              Username used for the remote server.


OPTIONS
       --debug
              Show debug messages

       --debug-json
              Show debug messages including JSON metadata

       -v, --verbose
              Shows more detailed error messages

       -?, --help
              Show help

       -V, --version
              Print program version


NOTES
       The information provided when adding the token (SSH server address, user and paths) will be stored in the
       LUKS2 header in plaintext.


REPORTING BUGS
       Report bugs, including ones in the documentation, on the cryptsetup mailing list  at  <dm-crypt@saout.de>
       or  in  the  'Issues'  section  on LUKS website.  Please attach the output of the failed command with the
       --debug option added.


COPYRIGHT
       Copyright © 2016-2021 Red Hat, Inc.
       Copyright © 2016-2021 Milan Broz
       Copyright © 2021 Vojtech Trefny

       This is free software; see the source for copying  conditions.   There  is  NO  warranty;  not  even  for
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


SEE ALSO
       The project website at https://gitlab.com/cryptsetup/cryptsetup

cryptsetup-ssh                                      June 2021                                  CRYPTSETUP-SSH(8)