NEWS: Add entry about support for multiple FIDO2 tokens

author: Peter Cai <peter@typeblog.net> 2023-01-25 20:47:35 -0500
committer: Peter Cai <peter@typeblog.net> 2023-01-26 09:33:28 -0500
commit: ad901df99548bce32bc70a8794498a77981794c6 (patch)
tree: 5f525c872c7c1d05b407f85dd016aba3c6a676af /NEWS
parent: 820c66dcfc4392e038c89f4702733f2f8c5cf957 (diff)
download: systemd-ad901df99548bce32bc70a8794498a77981794c6.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 182645fbf4..98b07a2840 100644
--- a/NEWS
+++ b/NEWS
@@ -312,6 +312,12 @@ CHANGES WITH 253 in spe:
         * systemd-cryptenroll now supports unlocking via FIDO2 tokens (option
           --unlock-fido2-device=).
 
+        * systemd-cryptsetup now supports pre-flight requests for FIDO2 tokens
+          (except for tokens with user verification, UV) to identify tokens
+          before authentication. Multiple FIDO2 tokens can now be enrolled at
+          the same time, and systemd-cryptsetup will automatically select one
+          that corresponds to one of the available LUKS key slots.
+
         * systemd-cryptsetup now supports new options tpm2-measure-pcr= and
           tpm2-measure-bank= in crypttab(5). These allow specifying the
           PCR bank and number into which the volume key should be measured.
author	Peter Cai <peter@typeblog.net>	2023-01-25 20:47:35 -0500
committer	Peter Cai <peter@typeblog.net>	2023-01-26 09:33:28 -0500
commit	ad901df99548bce32bc70a8794498a77981794c6 (patch)
tree	5f525c872c7c1d05b407f85dd016aba3c6a676af /NEWS
parent	820c66dcfc4392e038c89f4702733f2f8c5cf957 (diff)
download	systemd-ad901df99548bce32bc70a8794498a77981794c6.tar.gz