Assisted setup providers
These guides cover assisted disk encryption setup from fresh provider images. They are not the full Panocrypt-managed unlock compatibility boundary.
If a Linux system already uses LUKS, or you set up LUKS yourself on another
provider or distro, you can usually bind an unused keyslot to Panocrypt with
your distro’s cryptsetup, Clevis, and the standard Clevis tang pin. No
Panocrypt host software is required for that path. Start with
Bind an existing LUKS volume or
Bind an existing encrypted root disk.
Use these guides when you want the Panocrypt setup helper to start from a fresh, unencrypted provider image, set up LUKS on the root disk, bind managed boot unlock, and verify encrypted boot. Setup starts through cloud-init, user-data, or a setup command depending on the provider.
| Provider | Fresh setup path | Note | Guide |
|---|---|---|---|
| Hetzner Cloud | Cloud-init/user-data | Hetzner guide | |
| DigitalOcean | User-data | CentOS Stream requires an attached scratch volume. | DigitalOcean guide |
| OVH Cloud VPS | Setup command after clean VPS rebuild | OVH guide | |
| Oracle Cloud Infrastructure | Cloud-init/user-data | Current assisted setup list is Ubuntu only. | Oracle Cloud guide |
For the setup model before choosing a provider, read Assisted fresh-server setup.