Package: cryptsetup Version: 2:2.7.5-1 Followup-For: Bug #1023700 I've just run into this as well. FWIW, there's apparently been some progress on the similar issue of adding TPM 2 support to cryptsetup:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031254 https://salsa.debian.org/cryptsetup-team/cryptsetup/-/merge_requests/39 In addition to Guy's solution of switching to Dracut (which, according to his blog post, still needs some additional hacks to get FIDO2 disk unlocking on boot working), there's also this project: https://github.com/bertogg/fido2luks But it would obviously be great to get official, non-hacky, native Debian support for FIDO2 disk unlocking on boot. -- Package-specific info: -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.11.9-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cryptsetup depends on: ii cryptsetup-bin 2:2.7.5-1 ii debconf [debconf-2.0] 1.5.87 ii dmsetup 2:1.02.201-1 ii libc6 2.40-3 cryptsetup recommends no packages. Versions of packages cryptsetup suggests: ii cryptsetup-initramfs 2:2.7.5-1 ii dosfstools 4.2-1.1 ii keyutils 1.6.3-4 ii liblocale-gettext-perl 1.07-7+b1 -- debconf information: cryptsetup/prerm_active_mappings: true
