On Thu, 15 Jul 2021 13:07:35 +0200 Michael Biebl <bi...@debian.org>
wrote:
> Am 15.07.21 um 07:35 schrieb Guy Rutenberg:
> > Package: systemd
> > Version: 249-1
> > Severity: normal
> > X-Debbugs-Cc: guyrutenb...@gmail.com
> >
> > Dear Maintainer,
> >
> > I'm trying to test out the new FIDO2 support for LUKS via
systemd-cryptenroll.
> > However, when trying to use the --fido2-device switch, for example
in the
> > following command
> > ```
> > systemd-cryptenroll --fido2-device list
> > ```
> > The command fails and reports
> >
> > ```
> > FIDO2 tokens not supported on this build.
> > ```
> >
> > Additional information:
> > I have the `libfido2-1` package installed. I don't know if that
should be
> > required or not.
>
> src:systemd is built without libfido support, so what you see is
expected.
>
>
Hi,
since 248 systemd supports fido to decrypt luks encrypted partitions on
boot [1].
Fido was disabled because it was only needed for homed. This is not the
case anymore.
Are there any plans to enable fido in future?
Cheers,
Christoph
[1]
http://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html