[pkg-cryptsetup-devel] Bug#1023700: cryptsetup: Option fido2-device unknown
Celejar
celejar at gmail.com
Thu Nov 21 17:32:52 GMT 2024
Package: cryptsetup
Version: 2:2.7.5-1
Followup-For: Bug #1023700
I've just run into this as well. FWIW, there's apparently been some
progress on the similar issue of adding TPM 2 support to cryptsetup:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031254
https://salsa.debian.org/cryptsetup-team/cryptsetup/-/merge_requests/39
In addition to Guy's solution of switching to Dracut (which, according
to his blog post, still needs some additional hacks to get FIDO2 disk
unlocking on boot working), there's also this project:
https://github.com/bertogg/fido2luks
But it would obviously be great to get official, non-hacky, native
Debian support for FIDO2 disk unlocking on boot.
-- Package-specific info:
-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.11.9-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages cryptsetup depends on:
ii cryptsetup-bin 2:2.7.5-1
ii debconf [debconf-2.0] 1.5.87
ii dmsetup 2:1.02.201-1
ii libc6 2.40-3
cryptsetup recommends no packages.
Versions of packages cryptsetup suggests:
ii cryptsetup-initramfs 2:2.7.5-1
ii dosfstools 4.2-1.1
ii keyutils 1.6.3-4
ii liblocale-gettext-perl 1.07-7+b1
-- debconf information:
cryptsetup/prerm_active_mappings: true
More information about the pkg-cryptsetup-devel
mailing list