Whether to enable clevis-luks-askpass in initrd. Watches for systemd password requests during boot and answers them using clevis tokens bound to LUKS headers. Runs in parallel with the interactive password prompt. If clevis cannot unlock a device (tang unreachable, no binding, etc.) the user can still type the passphrase. Prerequisites: Bind clevis to each LUKS device: clevis luks bind -d /dev/xxx tang ‘{“url”:“…”}’ Configure networking in the initrd so tang servers are reachable .

false

true