Yubikey and LUKS on testing (Buster)

To: debian-user@lists.debian.org
Subject: Yubikey and LUKS on testing (Buster)
From: gpdsbe@mailbox.org
Date: Wed, 20 Feb 2019 12:15:57 +0200 (EET)
Message-id: <[🔎] 80367600.66391.1550657757920@office.mailbox.org>

Hi! :)
Im trying to use yubikey with disk encryption.

Im running Buster and my partitions are

$ lsblk 
NAME                    MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
nvme0n1                 259:0    0 238.5G  0 disk  
├─nvme0n1p1             259:1    0   512M  0 part  /boot/efi
├─nvme0n1p2             259:2    0   244M  0 part  /boot
└─nvme0n1p3             259:3    0 237.8G  0 part  
  └─nvme0n1p3_crypt     254:0    0 237.8G  0 crypt 
    ├─Laptop--vg-root   254:1    0   230G  0 lvm   /
    └─Laptop--vg-swap_1 254:2    0   7.7G  0 lvm   [SWAP]


I insert yubikey with an empty slot on 2 and i execute the following commands 

$ sudo ykpersonalize -2 -ochal-resp -ochal-hmac -ohmac-lt64 -oserial-api-visible

then

$ sudo yubikey-luks-enroll -d /dev/nvme0n1p3 -s 7

Then i reboot my computer and when it asks for a password to unlock my disk encryption I insert my yubikey.
It doesn't accept the password that i programmed to use with yubikey. 

Instead it accepts the password i use without the yubikey! The prompt to enter my password doesn't mention yubikey.

Any ideas?

Thanks in advance for your help!

PS.I have 2 yubikeys. I'm having the same problem with both of them.

Reply to:

Follow-Ups:
- Re: Yubikey and LUKS on testing (Buster)
  - From: Roberto C. Sánchez <roberto@debian.org>

Prev by Date: Re: Can't scan new disk
Next by Date: Re: Can't scan new disk
Previous by thread: Re: guacamole - recording
Next by thread: Re: Yubikey and LUKS on testing (Buster)
Index(es):
- Date
- Thread