Bug#991129: systemd: FIDO2 tokens not supported on this build.

Christoph c at kluenter.de
Sun Oct 17 11:53:53 BST 2021


     On Thu, 15 Jul 2021 13:07:35 +0200 Michael Biebl <biebl at debian.org> 
wrote:
 > Am 15.07.21 um 07:35 schrieb Guy Rutenberg:
 > > Package: systemd
 > > Version: 249-1
 > > Severity: normal
 > > X-Debbugs-Cc: guyrutenberg at gmail.com
 > >
 > > Dear Maintainer,
 > >
 > > I'm trying to test out the new FIDO2 support for LUKS via 
systemd-cryptenroll.
 > > However, when trying to use the --fido2-device switch, for example 
in the
 > > following command
 > > ```
 > > systemd-cryptenroll --fido2-device list
 > > ```
 > > The command fails and reports
 > >
 > > ```
 > > FIDO2 tokens not supported on this build.
 > > ```
 > >
 > > Additional information:
 > > I have the `libfido2-1` package installed. I don't know if that 
should be
 > > required or not.
 >
 > src:systemd is built without libfido support, so what you see is 
expected.
 >
 >

Hi,

since 248 systemd supports fido to decrypt luks encrypted partitions on 
boot [1].

Fido was disabled because it was only needed for homed. This is not the 
case anymore.

Are there any plans to enable fido in future?


Cheers,

   Christoph



[1] 
http://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html



More information about the Pkg-systemd-maintainers mailing list