On Tue, 22 Jan 2019 10:01:30 +0100
Wolfgang Rosenauer
Am 22.01.19 um 09:55 schrieb Andrei Borzenkov:
On Tue, Jan 22, 2019 at 11:07 AM Wolfgang Rosenauer
wrote: 2) Show a link to the howto you found.
It relies on support for keyscript in /etc/crypttab, keyscript is unsupported by systemd, openSUSE is using systemd so it will not work. You will need to implement something to configure your device outside of standard framework.
hmm, does not sound promising. I didn't expect to touch undiscovered country trying to use a Yubikey to unlock a crypto partition on openSUSE :-( I cannot be the first one?
Wolfgang
This doesn't answer your question, but might have some useful hints. https://forum.yubico.com/viewtopic2f91.html?f=23&t=1143&p=4295&hilit=linux+login+logon#p4295 It's instructions on using a Yubikey + password for logging in rather than unlocking encrypted partitions. Read the whole post, especially the screenshots by yubidoobydoo at the end. On openSUSE you need to install pam_yubico rather than libpam-yubico. -- Bob