We're moving!

A new home for CipherTrust documentation will be introduced on December 02, 2025! Visit https://docs-cybersec.thalesgroup.com for a preview.

Please Note:

User Guide
Installing the SafeNet ProtectApp LUKS Provider
Integration with CipherTrust Manager
Tasks
- Configuring User based authentication
- Configuring Passwordless Certificate based authentication
- Create Mapping of LUKS Device
- Remove Mapping of LUKS Device
- Upgrade from SafeNet ProtectApp LUKS 8.4.0 to SafeNet ProtectApp LUKS 8.5.0
- Migrations
  - Migration from Native Cryptsetup to SafeNet ProtectApp LUKS
  - Migration from SafeNet ProtectApp LUKS to Native Cryptsetup
Advanced Topics
- Setting up SSL/TLS
- Configuring the Properties File
- Sample Boot Time Configuration
Appendix

LUKS
User Guide
Tasks
Configuring Passwordless Certificate based authentication

Configuring Passwordless Certificate based authentication

Perform the following changes to ks_user_config file to configure Passwordless Certificate based authentication :

key_name=<CipherTrust Manager key name>
user_name=<keep this blank>
version=<version no.>
Enable =<yes>

The parameter Version specifies the version of the key created on CM.

The parameter Enable =<yes> implies that SafeNet ProtectApp-LUKS is enabled, otherwise normal LUKS cryptsetup functionality is used.

Note

Ensure to keep the user_name blank as username will be picked from the Client Certificate.

Example:

key_name=<CipherTrust Manager key name>
user_name=
Enable =<yes>

Ensure that the interface mode 'Verify client cert, username taken from client cert, auth request is optional' is selected in the interface setting of CipherTrust Manager.

Suggest A Change

Configuring Passwordless Certificate based authentication

On this page