Added a HSM menu entry (#1196) - archinstall32

diff options

author	Anton Hvornum <anton@hvornum.se>	2022-05-18 11:28:59 +0200
committer	GitHub <noreply@github.com>	2022-05-18 11:28:59 +0200
commit	493cccc18fa8c77c362b6abee2c3dc89d331c792 (patch)
tree	5778ffbf361ecf80360b4848bc683c8387965d9a /docs/Makefile
parent	561ea7e8f5c326312cc61c03d1b2329111f7634b (diff)

Added a HSM menu entry (#1196)

* Added a HSM menu entry, but also a safety check to make sure a FIDO device is connected * flake8 complaints * Adding FIDO lookup using cryptenroll listing * Added systemd-cryptenroll --fido2-device=list * Removed old _select_hsm call * Fixed flake8 complaints * Added support for locking and unlocking with a HSM * Removed hardcoded paths in favor of PR merge * Removed hardcoded paths in favor of PR merge * Fixed mypy complaint * Flake8 issue * Added sd-encrypt for HSM and revert back to encrypt when HSM is not used (stability reason) * Added /etc/vconsole.conf and tweaked fido2_enroll() to use the proper paths * Spelling error * Using UUID instead of PARTUUID when using HSM. I can't figure out how to get sd-encrypt to use PARTUUID instead. Added a Partition().part_uuid function. Actually renamed .uuid to .part_uuid and created a .uuid instead. * Adding missing package libfido2 and removed tpm2-device=auto as it overrides everything and forces password prompt to be used over FIDO2, no matter the order of the options. * Added some notes to clarify some choices. * Had to move libfido2 package install to later in the chain, as there's not even a base during mounting :P

Diffstat (limited to 'docs/Makefile')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: