NEWS: Add entry about support for multiple FIDO2 tokens

2024-07-23 19:25:39 +00:00 · 2023-01-25 20:47:35 -05:00 · 2023-01-25 20:47:35 -05:00 · ad901df995
parent 820c66dcfc
commit ad901df995
1 changed files with 6 additions and 0 deletions
--- a/6
+++ b/6
@ -312,6 +312,12 @@ CHANGES WITH 253 in spe:
        * systemd-cryptenroll now supports unlocking via FIDO2 tokens (option
          --unlock-fido2-device=).

+        * systemd-cryptsetup now supports pre-flight requests for FIDO2 tokens
+          (except for tokens with user verification, UV) to identify tokens
+          before authentication. Multiple FIDO2 tokens can now be enrolled at
+          the same time, and systemd-cryptsetup will automatically select one
+          that corresponds to one of the available LUKS key slots.
+
        * systemd-cryptsetup now supports new options tpm2-measure-pcr= and
          tpm2-measure-bank= in crypttab(5). These allow specifying the
          PCR bank and number into which the volume key should be measured.