You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[Question] Is there a way to use FIDO2 AND have a passwd as fallback?
I'm aware that you could use the masterkey if you loose your token like this:
$ gocryptfs cipher plain -masterkey <key-here>
Using explicit master key.
THE MASTER KEY IS VISIBLE VIA "ps ax" AND MAY BE STORED IN YOUR SHELL HISTORY!
ONLY USE THIS MODE FOR EMERGENCIES
But:
Is there a way to have an additional passwd?
Is there a way to support 2 FIDO2 on the same crypted dir at the same time?
The text was updated successfully, but these errors were encountered:
I am also interested in this. Hardware key developers insist on registering at least 2 keys in case of loss or failure of one. Yes, it is possible to access using the master key but but there is no way to change the hardware key to another one or change the key to a passphrase. Currently, if you lose your hardware key, you must create a new vault with a new hardware key and migrate data from the old vault to the new one. This is not a problem if the amount of data is small, otherwise it is not convenient. When trying to change the password of a fido2-encrypted storage, we get an error
gocryptfs -passwd -fido2 /dev/XXX /test/.crypt/
FIDO2 Secret: interact with your device ...
Decrypting master key
Password change is not supported on FIDO2-enabled filesystems.
[Question] Is there a way to use FIDO2 AND have a passwd as fallback?
I'm aware that you could use the masterkey if you loose your token like this:
But:
The text was updated successfully, but these errors were encountered: