[Bug 1983784] Re: LUKS-encrypted partition is not automatically unlocked at boot with fido2 key
Aaron Rainbolt
1983784 at bugs.launchpad.net
Mon Aug 8 02:12:49 UTC 2022
Thank you for taking the time to report this bug and helping to make Ubuntu better. Please execute the following command only once, as it will automatically gather debugging information, in a terminal:
apport-collect 1983784
When reporting bugs in the future please use apport by using 'ubuntu-
bug' and the name of the package affected. You can learn more about this
functionality at https://wiki.ubuntu.com/ReportingBugs.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1983784
Title:
LUKS-encrypted partition is not automatically unlocked at boot with
fido2 key
Status in systemd package in Ubuntu:
New
Bug description:
ubuntu 22.04
systemd 249.11-0ubuntu3.4
The partition is encrypted with luks2 and a fido2 key has been enrolled.with:
systemd-cryptenroll --fido2-device=auto /dev/<device>
/etc/crypttab has been setup with:
<target_name> LABEL=<label> none fido2-device=auto
/etc/fstab has been setup with:
/dev/mapper/<target_name> /media/<folder> ext4 defaults,nofail 0 0
After the boot is complete, the partition has not been unlocked
despite the fido2 key being present during the whole boot process.
Also, a manual unlock works with:
/lib/systemd/systemd-cryptsetup attach <target_name> /dev/<device> none fido2-device=auto
Set cipher aes, mode xts-plain64, key size 256 bits for device /dev/<device>
Automatically discovered security FIDO2 token unlocks volume.
Asking FIDO2 token for authentication.
👆 Please confirm presence on security token to unlock.
How to automatically unlock the partition at boot?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1983784/+subscriptions
More information about the foundations-bugs
mailing list