NEWS: Add entry about support for multiple FIDO2 tokens

author Peter Cai <peter@typeblog.net>

Thu, 26 Jan 2023 01:47:35 +0000 (20:47 -0500)

committer Peter Cai <peter@typeblog.net>

Thu, 26 Jan 2023 14:33:28 +0000 (09:33 -0500)
author Peter Cai <peter@typeblog.net>
Thu, 26 Jan 2023 01:47:35 +0000 (20:47 -0500)
committer Peter Cai <peter@typeblog.net>
Thu, 26 Jan 2023 14:33:28 +0000 (09:33 -0500)
diff --git a/NEWS b/NEWS

index 182645fbf41a337e127e3fb2bd578a6c54a65ba0..98b07a28405e622ae6e258f39cc41882d15f3658 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -312,6 +312,12 @@ CHANGES WITH 253 in spe:
          * systemd-cryptenroll now supports unlocking via FIDO2 tokens (option
            --unlock-fido2-device=).
  
+        * systemd-cryptsetup now supports pre-flight requests for FIDO2 tokens
+          (except for tokens with user verification, UV) to identify tokens
+          before authentication. Multiple FIDO2 tokens can now be enrolled at
+          the same time, and systemd-cryptsetup will automatically select one
+          that corresponds to one of the available LUKS key slots.
+
          * systemd-cryptsetup now supports new options tpm2-measure-pcr= and
            tpm2-measure-bank= in crypttab(5). These allow specifying the
            PCR bank and number into which the volume key should be measured.
author	Peter Cai <peter@typeblog.net>
	Thu, 26 Jan 2023 01:47:35 +0000 (20:47 -0500)
committer	Peter Cai <peter@typeblog.net>
	Thu, 26 Jan 2023 14:33:28 +0000 (09:33 -0500)