Skip to content

Use ykfde with encryptssh #113

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Bandie wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Use ykfde with encryptssh #113

Bandie wants to merge 1 commit into from

Conversation

@Bandie
Copy link

@Bandie Bandie commented Nov 2, 2025

Hi,

I needed a fallback to encryptssh if no YubiKey is present in 1FA mode, so I added YKFDE_SKIP_PASSWORD_PROMPT="1" as config option.

It skips ykfde's password prompt, just waiting for the YubiKey and none is present, it will drop out, executing the next hook.

This shall be a workaround until #57 is a thing.

Vincent43
Vincent43 reviewed Nov 5, 2025
View reviewed changes
src/hooks/ykfde Outdated
[ -z "$YKFDE_LUKS_DEV" ] && YKFDE_LUKS_DEV="/dev/disk/by-uuid/$YKFDE_DISK_UUID"
[ "$YKFDE_CRYPTSETUP_TRIALS" -lt 1 ] && YKFDE_CRYPTSETUP_TRIALS="5"
[ "$YKFDE_CHALLENGE_SLOT" -lt 1 ] || [ "$YKFDE_CHALLENGE_SLOT" -gt 2 ] && YKFDE_CHALLENGE_SLOT="2"
[ "$YKFDE_SKIP_PASSWORD_PROMPT" -ne 1 ] && YKFDE_SKIP_PASSWORD_PROMPT="0"
Copy link
Collaborator

@Vincent43 Vincent43 Nov 5, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we accept any non-empty value for other true/false options so strictly expecting 1 would be rather inconsequential.

Copy link
Author

@Bandie Bandie Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the hint!

@Bandie Bandie changed the title Use ykfde with encryptssh Use ykfde with encryptssh, removing 11-dm-initramfs.rules as it doesn't exist anymore; fixes #115 Nov 16, 2025
@Bandie Bandie changed the title Use ykfde with encryptssh, removing 11-dm-initramfs.rules as it doesn't exist anymore; fixes #115 Use ykfde with encryptssh Nov 16, 2025
@agherzan
Copy link
Owner

agherzan commented Nov 19, 2025

Thanks for this. Could you please cleanup the git history?

@Bandie
Copy link
Author

Bandie commented Nov 19, 2025

Thanks for this. Could you please cleanup the git history?

Thanks!
Done! :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Vincent43 Vincent43 Vincent43 left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Bandie @agherzan @Vincent43