Package: systemd I would like to unlock LUKS encrypted disks with the new systemd-cryptsetup ability to unlock using security keys such as Yubikey, etc. I am primarily interested in the FIDO2 support personally however there is also PKCS11 and TPM2 support. It would be great to enable all 3 of these.
An introduction/overview of the feature can be found here: https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html The relevant options libfido2, p11kit and tpm2 are currently disabled in debian/rules. It seems the fido2 support was disabled in 246-1 because "This is only used by homed which we don't enable.” however that doesn’t apply anymore. Additionally the p11kit and tpm2 support was disabled in 245-1 due to being new features that require further review. Thanks, Trent
