Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Document FIDO2 LUKS unlock #193

Open
travier opened this issue Dec 16, 2024 · 0 comments
Open

Document FIDO2 LUKS unlock #193

travier opened this issue Dec 16, 2024 · 0 comments

Comments

@travier
Copy link
Member

travier commented Dec 16, 2024

See: https://unix.stackexchange.com/questions/705795/fido2-yubikey-to-unlock-luks-at-boot-on-fedora-36-not-working

Step one.
systemd-cryptenroll --fido2-device=auto --fido2-with-user-verification=false --fido2-with-client-pin=false /dev/sda3
fill in where appropriate.
Step two.
    Modify /etc/crypttab.
vim /etc/crypttab
Modify so it looks like this.
luks-a6c32afd-3c35-4628-8653-5be499eaf0ce UUID=a6c32afd-3c35-4628-8653-5be499eaf0ce - fido2-device=auto
Step three.
sudo rpm-ostree initramfs --enable --arg='--add' --arg='fido2'
 
This worked with current Kinoite with a Yubikey.
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@travier