@exfil nice thanks for the info!
@oxo gdm-login & sudo:
https://docs.nitrokey.com/fido2/linux/desktop-login
@oxo and for SSH:
https://www.nitrokey.com/solutions/ssh
# key generation
ssh-keygen -t ecdsa-sk -O resident
# key usage (on other machies, from fido2 key):
ssh-add -K
# Links:
https://www.stavros.io/posts/u2f-fido2-with-ssh/
https://www.nitrokey.com/solutions/ssh
@oxo
# LUKS Setup
# Check luks details of your drive
cryptsetup luksDump /dev/sda3
# Enroll fido2
systemd-cryptenroll --fido2-device=auto \
--fido2-with-client-pin=true \
--fido2-with-user-presence=true /dev/sda3
# Modify /etc/crypttab
luks-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx - fido2-device=auto
# Regenerate initramfs
dracut --regenerate-all --force