1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
systemd/shell-completion
Kamil Szczęk e262205eb7 cryptenroll: support for enrolling FIDO2 tokens in manual mode
systemd-cryptsetup supports a FIDO2 mode with manual parameters, where
the user provides all the information necessary for recreating the
secret, such as: credential ID, relaying party ID and the salt. This
feature works great for implementing 2FA schemes, where the salt file
is for example a secret unsealed from the TPM or some other source.
While the unlocking part is quite straightforward to set up, enrolling
such a keyslot - not so easy. There is no clearly documented
way on how to set this up and online resources are scarce on this topic
too. By implementing a straightforward way to enroll such a keyslot
directly from systemd-cryptenroll we streamline the enrollment process
and reduce chances for user error when doing such things manually.
2024-06-20 14:26:24 +02:00
..
bash cryptenroll: support for enrolling FIDO2 tokens in manual mode 2024-06-20 14:26:24 +02:00
zsh bootctl: add --random-seed=yes/no 2024-06-20 14:26:13 +09:00