Feature request: Unlock LUKS volumes using FIDO2 keys

Open

Details

One participant

DonaldSanders1968

Owner: unassigned

Submitted by: DonaldSanders1968

Severity: wishlist

DonaldSanders1968 wrote on 24 Jan 17:59 +0100

Recipients:(name . bug-guix@gnu.org)(address . bug-guix@gnu.org)

Message-ID:vb-Zq-TsYQtwr9JtVtpIJfuC9hIgXHUJ4ulHK92DhVhN4wSUVaRDDTrQFy1LPRn1SD5JQDHK-lZe-k8kkmYuZ7rVJl7V-IRnJ1MeS8qcoxY=@protonmail.ch

Hi Guix,

Currently It's highly inconvenient to input passwords multiple times with LUKS, especially when one has a total encrypted RAID. Besides what has been done in https://issues.guix.gnu.org/68524,it's also worth considering to allowing using FIDO2 key to unlock LUKS encrypted volumes, like what systemd-cryptenroll or clevis do. I believe it's a perfect balance between security and convenience.

Thanks!

Attachment: file

Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 68694@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it

mumi current 68694

Then, you may apply the latest patchset in this issue (with sign off)

mumi am -- -s

Or, compose a reply to this issue

mumi compose

Or, send patches to this issue

mumi send-email *.patch

is:open	open issues
is:done	closed issues
submitter:<who>	search issue submitter
author:<who>	search by message author
date:yesterday..now	search by issue date
mdate:3m..2d	search by message date