On Mon, Dec 02, 2019 at 06:16:43PM +0000, Zbigniew Jędrzejewski-Szmek wrote:
...snip...
Nevertheless, I'm pretty sure that a workaround for this will be
made
anyway. I think the latest version of the patchset allows exporting
the authorized_keys content in the non-encrypted metadata for the user.
I wonder if clevis/tang could help here?
(
https://github.com/latchset/clevis )
It could allow decryption in home networks, but not when traveling.
Of course you would have to setup the server, etc.
kevin