Package: clevis-dracut
Version: 11-2+deb10u1
Hi.
I'm playing around with a tpm which only supports sha256, and the clevis
fails:
# clevis luks bind -k X -d /dev/Y tpm2 '{"pcr_bank": "sha256",
# "pcr_ids":"7"}'
WARN: Ignore unsupported bank/algorithm: sha1(0x0004)
ERROR: Unable to run tpm2_pcrlist
Creating PCR hashes file failed!
This is because a bug in clevis-tpm2:
https://github.com/latchset/clevis/commit/67fc67c15fdf6fd053b261d123ae58d9e55f1991
I suggest backporting that upstream fix to get clevis-tpm2 working
with sha256 tpm's.
//Anton
