Hi all,
I would use FIDO2 for decryp hdd. I use this : NixOS 23.11 manual | Nix & NixOS
But I have this error :
WrongSecret
No FIDO2 key found, failling back to normal open procedure
Someone have good result with FIDO2 key ?
I use Nitro Fido2 New Nitrokey FIDO2 For 2FA And Passwordless Login | Nitrokey and YubiKey 5 with same résult.
The normal open procedure are good.
In configuration.nix, I have :
`boot.initrd.luks.fido2Support = true;`
` boot.initrd.luks.devices."partitions".device = "/dev/sda2";`
` boot.initrd.luks.devices."partitions".fido2.credential = "a67d17616bf2568727498dffa95205df943383ab3a2f9798606532d5791a155a37dd52dae2262619c1da2be7562ec9dd94888c71a9326fea70dfe16214b5ea8ec0143b010000";`
in hardware.nix I have :
`{ config, lib, pkgs, modulesPath, ... }:`
``
`{`
` imports =`
` [ (modulesPath + "/installer/scan/not-detected.nix")`
` ];`
``
` boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];`
` boot.initrd.kernelModules = [ "dm-snapshot" ];`
` boot.kernelModules = [ "kvm-intel" ];`
` boot.extraModulePackages = [ ];`
``
` fileSystems."/" =`
` { device = "/dev/disk/by-uuid/b670bb55-7e29-4477-8f58-118c42598f40";`
` fsType = "ext4";`
` };`
``
` fileSystems."/boot" =`
` { device = "/dev/disk/by-uuid/0BEC-722D";`
` fsType = "vfat";`
` };`
``
` swapDevices =`
` [ { device = "/dev/disk/by-uuid/d52b6afe-cb3f-4e92-8e4b-5394a0bef647"; }`
` ];`
`boot.initrd.luks.devices = {`
` "partitions" = {`
` device = "/dev/sda2";`
` preLVM = true; # You may want to set this to false if you need to start a network service first`
` };`
` }; `
Idea ?