Clevis is a framework for automated decryption. It allows you to encrypt
data using sophisticated unlocking policies which enable decryption to
The clevis package provides basic encryption/decryption policy support.
Users can use this directly; but most commonly, it will be used as a
building block for other packages. For example, see the clevis-luks
and clevis-dracut packages for automatic root volume unlocking of LUKSv1
volumes during early boot.
|clevis||Automated decryption policy framework|
|clevis-decrypt||Decrypts using the policy defined at encryption time|
|clevis-encrypt-http||Encrypts using a REST HTTP escrow server policy|
|clevis-encrypt-sss||Encrypts using a Shamir´s Secret Sharing policy|
|clevis-encrypt-tang||Encrypts using a Tang binding server policy|