Control: tags -1 + moreinfo Am 20.02.19 um 14:09 schrieb GP: > I encrypted my hard disk and tried to add another slot for unlocking the hard > disk with another password and yubikey (challenge response) > > The commands i entered > > sudo ykpersonalize -2 -ochal-resp -ochal-hmac -ohmac-lt64 > -oserial-api- > visible > sudo /usr/bin/yubikey-luks-enroll -d /dev/nvme0n1p3 -s 7 > sudo reboot > > * What was the outcome of this action? > > The yubikey is ignored at boot up. I dont get any messages on unlocking the > disk with the use of yubikey. > I can only unlock my hard disk with the original password with or without the > yubikey inserted at usb slot. > > * What outcome did you expect instead? > > I should be ask to enter the original password or the password needed with > yubikey. I should insert the yubikey and the password and decrypt my hard > disk.
Thanks for your report. Have you actually changed your /etc/crypttab to use yubikey to unlock? It is no longer enabled by default. Please see: /usr/share/doc/yubikey-luks/README.md /usr/share/doc/yubikey-luks/NEWS.Debian.gz Cheers Markus Frosch -- [email protected] / [email protected] https://lazyfrosch.de
signature.asc
Description: OpenPGP digital signature
