[Bug 1983784] Re: LUKS-encrypted partition is not automatically unlocked during the boot process with a fido2 key
Launchpad Bug Tracker
1983784 at bugs.launchpad.net
Sat Nov 12 21:12:03 UTC 2022
This bug was fixed in the package libfido2 - 1.12.0-1
---------------
libfido2 (1.12.0-1) unstable; urgency=medium
* New upstream release.
- hid_linux: reopen hidraw(4) after flock(2) (LP: #1983784).
-- Colin Watson <cjwatson at debian.org> Sat, 01 Oct 2022 20:48:17 +0100
** Changed in: libfido2 (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libfido2 in Ubuntu.
https://bugs.launchpad.net/bugs/1983784
Title:
LUKS-encrypted partition is not automatically unlocked during the boot
process with a fido2 key
Status in libfido2 package in Ubuntu:
Fix Released
Bug description:
ubuntu 22.04
systemd 249.11-0ubuntu3.4
The partition is encrypted with luks2 and a fido2 key has been enrolled.with:
systemd-cryptenroll --fido2-device=auto /dev/<device>
/etc/crypttab has been setup with:
<target_name> LABEL=<label> none fido2-device=auto
/etc/fstab has been setup with:
/dev/mapper/<target_name> /media/<folder> ext4 defaults,nofail 0 0
After the boot is complete, the partition has not been unlocked
despite the fido2 key being present during the whole boot process.
Also, a manual unlock works with:
/lib/systemd/systemd-cryptsetup attach <target_name> /dev/<device> none fido2-device=auto
Set cipher aes, mode xts-plain64, key size 256 bits for device /dev/<device>
Automatically discovered security FIDO2 token unlocks volume.
Asking FIDO2 token for authentication.
👆 Please confirm presence on security token to unlock.
How to automatically unlock the partition at boot?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libfido2/+bug/1983784/+subscriptions
More information about the foundations-bugs
mailing list