<div dir="ltr"><div>Hello Lennart. Thanks for your quick response.<br><br></div>This option will disable all password prompt ... hiding also our calls to systemd-ask-password ... is it possible to discard systemd-cryptsetup one specifically?<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jun 4, 2024 at 2:52 PM Lennart Poettering <<a href="mailto:lennart@poettering.net">lennart@poettering.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Di, 04.06.24 13:08, Sergio Arroutbi (<a href="mailto:sarroutb@redhat.com" target="_blank">sarroutb@redhat.com</a>) wrote:<br>
<br>
> Hello.<br>
><br>
> We are implementing a feature related to PKCS#11 that, when some conditions<br>
> are met (mostly that PKCS11 PIN has not been stored in configuration and<br>
> input to our systemd unit), requires systemd-cryptsetup service password<br>
> prompt to be hidden from TTY and executed only listening to password<br>
> provided by the socket defined in<br>
> <a href="https://systemd.io/PASSWORD_AGENTS/" rel="noreferrer" target="_blank">https://systemd.io/PASSWORD_AGENTS/</a><br>
<br>
The boot-time password prompt on the TTY is just an agent too. Mask it<br>
via "systemctl mask systemd-ask-password-console.service".<br>
<br>
Lennart<br>
<br>
--<br>
Lennart Poettering, Berlin<br>
<br>
</blockquote></div><br clear="all"><br><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr">Sergio Arroutbi Braojos<br>Senior Software Engineer at Red Hat - Special Projects (SECENGSP)<br><a href="http://redhat.com" target="_blank">Red Hat</a><br></div></div>