Package: cryptsetup-initramfs
Version: 2:2.6.1-3~deb12u1

I have an encrypted root that I unlock with a FIDO USB key, but when I power on
my computer, instead of asking me to unlock with my key, it asks for a password
because the initramfs doesn't include the cryptsetup token binaries. I wrote an
initramfs hook to add the libcryptsetup-token-systemd-fido2 binary and the
libfido2 library, but it still asks for my password on boot, requiring me to
press enter to make the system invoke cryptsetup and allow me to unlock
with my key.

I suggest that the package is updated to automatically detect if a disk uses 
any tokens and to add the necessary binaries/libraries to the initramfs and to 
not ask for a password when a token is used. On my system, the cryptsetup token 
binaries are located at /usr/lib/x86_64-linux-gnu/cryptsetup.

Here's the initramfs hook I wrote to somewhat fix the problem:
```
#!/bin/sh

set -e

PREREQ=""

prereqs()
{
        echo "${PREREQ}"
}

case "${1}" in
        prereqs)
                prereqs
                exit 0
                ;;
esac

. /usr/share/initramfs-tools/hook-functions

# copy the FIDO2 library and the systemd-fido2 token plugin into the initramfs
copy_exec /usr/lib/x86_64-linux-gnu/libfido2.so.1
copy_exec /usr/lib/x86_64-linux-gnu/cryptsetup/libcryptsetup-token-systemd-fido2.so
```

Thanks,
August M.H.
They / Them
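
The detection suggested in the report could look like the sketch below; this is an added example, not part of the original report and not cryptsetup-initramfs code. The function names are hypothetical, the device path is assumed to be passed in by the caller, and the sample dump is constructed to follow the LUKS2 `cryptsetup luksDump` text layout.

```shell
#!/bin/sh
# Added example, not part of the original report.

# Print the unique token types in the "Tokens:" section of
# `cryptsetup luksDump` text output read from stdin. Keyslots and digests use
# the same "  N: name" layout, so only the Tokens section is considered.
token_types()
{
        awk '/^[A-Za-z]/ { in_tokens = ($0 ~ /^Tokens:/); next }
             in_tokens && /^  [0-9]+: / { print $2 }' | sort -u
}

# Print the plugin path for token type $2 under directory $1, following
# libcryptsetup's libcryptsetup-token-<type>.so naming. The type comes from
# on-disk metadata, so anything but [A-Za-z0-9_-] is rejected.
plugin_for()
{
        case "$2" in
                luks2-keyring) return 0 ;;            # built in, no plugin
                ""|*[!A-Za-z0-9_-]*) return 1 ;;
        esac
        printf '%s/libcryptsetup-token-%s.so\n' "$1" "$2"
}

# Hook body: copy the plugins device $1 needs. Assumes copy_exec from
# hook-functions is already sourced; $2 defaults to the reporter's directory.
add_token_plugins()
{
        dir=${2:-/usr/lib/x86_64-linux-gnu/cryptsetup}
        cryptsetup luksDump "$1" | token_types | while read -r type; do
                path=$(plugin_for "$dir" "$type") || continue
                if [ -n "$path" ] && [ -e "$path" ]; then copy_exec "$path"; fi
        done
}

# Constructed luksDump excerpt (not captured from a real device).
sample_dump()
{
        printf 'Keyslots:\n  0: luks2\n\tKey:        512 bits\n'
        printf '  1: luks2\n\tKey:        512 bits\n'
        printf 'Tokens:\n  0: systemd-fido2\n\tKeyslot:    1\n'
        printf '  1: luks2-keyring\n\tKeyslot:    0\n'
        printf 'Digests:\n  0: pbkdf2\n\tHash:       sha256\n'
}
```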
