systemd-cryptsetup works when called manually, but when using the unit, it doesn't recognize FIDO2 key #22617
Labels
cryptsetup
fido2
needs-reporter-feedback ❓
There's an unanswered question, the reporter needs to answer
systemd version the issue has been seen with
Used distribution
Linux kernel version used (
uname -a
)CPU architecture issue was seen on
Expected behaviour you didn't see
Unexpected behaviour you saw
Steps to reproduce the problem
not exactly known, but installing the specified fedora environment, then set up a FIDO2 key via systemd-cryptenroll, and adjust
/etc/crypttab
and create a dracut config to make sure that the fido2/yubikey libraries are present (this may not be necessary, but it precludes a possible failure scenario)e.g. create
etc/dracut.conf.d/yubikey.conf
with the following content:In
/etc/crypttab
, a new entry for the root device is created withfido2-device=auto
as option (maybe also add a timeout, but afaik that doesn't work as expected).In the concrete system setup, a modification to the udev rules was done to make sure that libinput doesn't recognize the FIDO2 key as a keyboard, but it shouldn't affect this problem.
Run
dracut --regenerate-all --force
to regenerate the initrd.Additional program output to the terminal or log subsystem illustrating the issue
Not available currently; I tried strace-ing it, and it worked as expected when called directly, but I was unable to trace the execution of the unit file. As this usually causes the boot to hang for a while, and then afaik switch to emergency mode, it's especially annoying to debug.
Potentially related
https://bugzilla.redhat.com/show_bug.cgi?id=1965482
The text was updated successfully, but these errors were encountered: