NAME

       clevis-luks-list - Lists pins bound to a LUKS device

SYNOPSIS

       clevis luks list -d DEV [-s SLT]

OVERVIEW

       The clevis luks list command list the pins bound to LUKS device. For example:

           clevis luks list -d /dev/sda1

OPTIONS

       •   -d DEV : The LUKS device on which to list bound pins

       •   -s SLT : The slot to use for listing the pin from

EXAMPLES

           clevis luks list -d /dev/sda1
           1: sss '{"t":1,"pins":{"tang":[{"url":"addr1"},{"url":"addr2"}],"tpm2":[{"hash":"sha256","key":"ecc"}],"sss":{"t":1,"pins":{"tang":[{"url":"addr3"}]}}}}'
           2: tang '{"url":"addr"}'
           3: tpm2 '{"hash":"sha256","key":"ecc","pcr_bank":"sha1","pcr_ids":"7"}'

       As we can see in the example above, /dev/sda1 has three slots bound each with a different
       pin.

       •   Slot #1 is bound with the sss pin, and uses also tang and tpm2 pins in its policy.

       •   Slot #2 is bound using the tang pin

       •   Slot #3 is bound with the tpm2 pin

       Note that the output of clevis luks list can be used with the clevis luks bind command,
       such as:

           clevis luks bind -d /dev/sda1 tpm2 '{"hash":"sha256","key":"ecc","pcr_bank":"sha1","pcr_ids":"7"}'

       And we will bind another slot with a policy similar to the one we have in slot #3. Also
       note that if you are interested in a particular slot, you can pass the -s SLT argument to
       clevis luks list:

           clevis luks list -d /dev/sda1 -s 2
           2: tang '{"url":"addr"}'

       In the above example, we listed only the pin bound to slot #2.

SEE ALSO

       clevis-luks-bind(1) <clevis-luks-bind.1.adoc>, clevis-encrypt-tang(1)
       <clevis-encrypt-tang.1.adoc>, clevis-encrypt-tpm2(1) <clevis-encrypt-tpm2.1.adoc>,
       clevis-encrypt-sss(1) <clevis-encrypt-sss.1.adoc>,

                                                                              CLEVIS-LUKS-LIST(1)