Package: yubikey-luks Version: 0.3.3+3.ge11e4c1-1 Severity: important Tags: patch
Dear Maintainer, Recent versions of cryptsetup seem to have changed how the crypttab settings are stored in the initramfs. This results in the following error message on boot and the keyscript is not run: sed: /conf/conf.d/cryptroot: No such file or directory I got it working again by changing /usr/share/initramfs-tools/scripts/local- top/yubikey-luks as follows: sed -i 's|$|,keyscript=/sbin/ykluks-keyscript|' /cryptroot/crypttab -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing'), (10, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.16.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages yubikey-luks depends on: ii cryptsetup 2:2.0.3-4 ii initramfs-tools 0.130 ii yubikey-personalization 1.18.0-1 yubikey-luks recommends no packages. yubikey-luks suggests no packages. -- no debconf information
--- /usr/share/initramfs-tools/scripts/local-top/yubikey-luks 2015-08-18 14:16:50.000000000 +0100 +++ /etc/initramfs-tools/scripts/local-top/yubikey-luks 2018-07-20 19:26:35.592787797 +0100 @@ -18,6 +18,6 @@ esac #if [ -e /etc/yubikey-challenge ]; then - sed -i 's|$|,keyscript=/sbin/ykluks-keyscript|' /conf/conf.d/cryptroot + sed -i 's|$|,keyscript=/sbin/ykluks-keyscript|' /cryptroot/crypttab #fi exit 0
