From: Peter Cai <peter@typeblog.net>
Date: Thu, 26 Jan 2023 01:47:35 +0000 (-0500)
Subject: NEWS: Add entry about support for multiple FIDO2 tokens
X-Git-Tag: v253-rc2~53^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F26209%2Fhead;p=thirdparty%2Fsystemd.git

NEWS: Add entry about support for multiple FIDO2 tokens
---

diff --git a/NEWS b/NEWS
index 182645fbf41..98b07a28405 100644
--- a/NEWS
+++ b/NEWS
@@ -312,6 +312,12 @@ CHANGES WITH 253 in spe:
         * systemd-cryptenroll now supports unlocking via FIDO2 tokens (option
           --unlock-fido2-device=).
 
+        * systemd-cryptsetup now supports pre-flight requests for FIDO2 tokens
+          (except for tokens with user verification, UV) to identify tokens
+          before authentication. Multiple FIDO2 tokens can now be enrolled at
+          the same time, and systemd-cryptsetup will automatically select one
+          that corresponds to one of the available LUKS key slots.
+
         * systemd-cryptsetup now supports new options tpm2-measure-pcr= and
           tpm2-measure-bank= in crypttab(5). These allow specifying the
           PCR bank and number into which the volume key should be measured.