Ubuntu
systemd package

FIDO2 tokens not supported on this build

Bug #1937019 reported by Timothy Allen on 2021-07-21

26

This bug affects 5 people

Affects		Status	Importance	Assigned to	Milestone
	systemd (Debian)	Fix Released	Unknown	debbugs #991129
	systemd (Ubuntu)	Fix Released	Medium	Unassigned

Bug Description

I'm trying to test systemd-cryptenroll with FIDO2 keys in the new systemd version 248 on impish.

Running "systemd-cryptenroll --fido2-device=list" results in the message:

FIDO2 tokens not supported on this build.

Would it be possible to build systemd with FIDO support in time for the impish release?

Bug Watch Updater (bug-watch-updater) on 2021-07-21

Changed in systemd (Debian):
status:	Unknown → New

Bug Watch Updater (bug-watch-updater) on 2022-01-15

Changed in systemd (Debian):
status:	New → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-01-27:

#1

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in systemd (Ubuntu):
status:	New → Confirmed

Revision history for this message

Joe Richey (joerichey) wrote on 2022-02-04:

#2

Note that this also means that TPM2 support also doesn't work with cryptsetup-enroll (for similar reasons to the FIDO2 support).

The fix in Debian (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991129) also fixes TPM2 support. Once Ubuntu 21.10 picks up that change, we should be able to use TPM2 and FIDO2 keys with cryptsetup-enroll.

Revision history for this message

Rebala Pratheek (pratheekrebala) wrote on 2022-02-15:

#3

I wanted to check if there is an expected date or tracking issue for picking up the change from Debian into Ubuntu 21.10? I am also trying to roll out LUKS decryption using TPM2 and running into this bug.

Revision history for this message

Lukas Märdian (slyon) wrote on 2022-03-16:

#4

This has been enabled in Debian's systemd v250 via https://salsa.debian.org/systemd-team/systemd/-/commit/6b5e99f1d7f63c0c83007de9f98f7745f4a564f8

We're sticking with the more stable systemd v249 for Ubuntu Jammy LTS and we're already post feature freeze, so we cannot enable those new features (FIDO + TPM2 support).

This change will most probably land in Ubuntu 22.10 once we merge systemd v250+.

Changed in systemd (Ubuntu):
status:	Confirmed → Triaged
importance:	Undecided → Medium

Revision history for this message

Ari Pollak (aripollak) wrote on 2022-06-23:

#5

Looks like this has been released for 22.04: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1969375

Nick Rosbrook (enr0n) on 2023-06-09

Changed in systemd (Ubuntu):
status:	Triaged → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

debbugs #991129
[done wishlist] Edit

Bug watches keep track of this bug in other bug trackers.