Bug#1024775: systemd-cryptenroll --pkcs11-token-uri=list PKCS#11 tokens not supported on this build.
Jean-Michel Pouré
jm at poure.com
Thu Nov 24 17:22:24 GMT 2022
Package: systemd
Version: 252.1-1
Dear all,
I am trying to use an OpenSC compatible PKCS#11 token to enroll an RSA
keypair to unlock a LUKS partition.
systemd-cryptenroll --pkcs11-token-uri=list
PKCS#11 tokens not supported on this build
Could you please build systemd with PKCS#11 support.
PKCS#11 is the standard way to enroll security tokens and is very
mature.
Hardware: any libccid smartcard reader
https://ccid.apdu.fr/
Token: smartcard-hsm but it could also be the Yubikey
https://www.smartcard-hsm.com/
For testing : apt install opensc libccid pcscd opensc-pkcs11
Everything is in Debian and should work.
Please allow pkcs11-token and I will test both smartcard-hsm and
yubikey.
Kind regards,
More information about the Pkg-systemd-maintainers
mailing list