qaz@lemmy.world to Linux@lemmy.mlEnglish · edit-23 年前TIL You can use systemd-analyze plot > plot.svg to plot the service startup time to find bottleneckslemmy.worldimagemessage-square59linkfedilinkarrow-up1793arrow-down117file-text
arrow-up1776arrow-down1imageTIL You can use systemd-analyze plot > plot.svg to plot the service startup time to find bottleneckslemmy.worldqaz@lemmy.world to Linux@lemmy.mlEnglish · edit-23 年前message-square59linkfedilinkfile-text
minus-squaremagikmw@lemm.eelinkfedilinkarrow-up7·3 年前I wish to replace it with a yubikey, but I don’t even know if it’s supported.
minus-squareUllebe1@lemmy.mllinkfedilinkarrow-up15·3 年前It is supported by systemd to use FIDO2 + pin to decrypt luks partitions with many security keys, including Yubikeys. I use it every day on my laptop.
minus-squareSkeletonek@lemmy.ziplinkfedilinkEnglisharrow-up8·3 年前It is, I have it set up on my laptop. It’s a bit finicky in how it works and it’s not easy to setup, but it is possible.
minus-squarestifle867@programming.devlinkfedilinkarrow-up3·3 年前Does it work by emulating the keyboard and typing in the password? Or by the encrypted protocol that works using the on device secret?
minus-squareSkeletonek@lemmy.ziplinkfedilinkEnglisharrow-up1·3 年前Both should be possible. I am using the psuedo 2FA method. First I type the PIN and after that I confirm with YubiKey.
minus-squareContend6248@feddit.delinkfedilinkarrow-up3arrow-down1·3 年前You can’t even use a fucking fingerprint scanner while being in the system, that package is borked for months and nobody seem to care to solve it. I think using Yubikey at boot time is quite out of reach
I wish to replace it with a yubikey, but I don’t even know if it’s supported.
It is supported by systemd to use FIDO2 + pin to decrypt luks partitions with many security keys, including Yubikeys. I use it every day on my laptop.
It is, I have it set up on my laptop. It’s a bit finicky in how it works and it’s not easy to setup, but it is possible.
Does it work by emulating the keyboard and typing in the password? Or by the encrypted protocol that works using the on device secret?
Both should be possible. I am using the psuedo 2FA method. First I type the PIN and after that I confirm with YubiKey.
You can’t even use a fucking fingerprint scanner while being in the system, that package is borked for months and nobody seem to care to solve it.
I think using Yubikey at boot time is quite out of reach