On So, 07.03.21 19:24, Christian Kastner (ckk@xxxxxxxxxx) wrote: > Am I reading [1] directly in that the FIDO2 is intended to be as > 1FA? FIDO2 can be configured to take a PIN. In fact the FIDO2 support in systemd-cryptsetup when enrolling specifies that a PIN shall be necessary. As the PIN stuff is not an optional FIDO2 feature IIRC this is 2FA in all cases. Right now whether to require the FIDO2 PIN is not configurable. We could make it configurable though, so that you could use it in 1FA situations. Lennart -- Lennart Poettering, Berlin _______________________________________________ systemd-devel mailing list systemd-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: systemd-crypttab: FIDO2 and passwords
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: systemd-crypttab: FIDO2 and passwords
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Sun, 7 Mar 2021 23:34:27 +0100
- Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <ee8d8b1e-562b-d5e7-3bb8-4c7bdc6a96d9@debian.org>
- References: <ee8d8b1e-562b-d5e7-3bb8-4c7bdc6a96d9@debian.org>
- Follow-Ups:
- Re: systemd-crypttab: FIDO2 and passwords
- From: Christian Kastner
- Re: systemd-crypttab: FIDO2 and passwords
- References:
- systemd-crypttab: FIDO2 and passwords
- From: Christian Kastner
- systemd-crypttab: FIDO2 and passwords
- Prev by Date: systemd-crypttab: FIDO2 and passwords
- Next by Date: Re: systemd-crypttab: FIDO2 and passwords
- Previous by thread: systemd-crypttab: FIDO2 and passwords
- Next by thread: Re: systemd-crypttab: FIDO2 and passwords
- Index(es):
 |