Package: systemd

I would like to unlock LUKS encrypted disks with the new systemd-cryptsetup 
ability to unlock using security keys such as Yubikey, etc. I am primarily
interested in the FIDO2 support personally however there is also PKCS11 and
TPM2 support.  It would be great to enable all 3 of these.

An introduction/overview of the feature can be found here:
https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html

The relevant options libfido2, p11kit and tpm2 are currently disabled
in debian/rules.

It seems the fido2 support was disabled in 246-1 because "This is only used by 
homed which we don't enable.” however that doesn’t apply anymore. Additionally
the p11kit and tpm2 support was disabled in 245-1 due to being new features
that require further review.

Thanks,
Trent

Reply via email to