How to configure extra devices?

[Fry-kun]

By default, Fedora installs root partition and swap partition. Both are encrypted and have the same passphrase in slot 0.

ykfde.conf asks me to choose one. It's not at all obvious if it's possible to configure multiple devices.

After configuring one (I started with swap device only, now switched to root, but behavior seems consistent, regardless), boot process asks for ykfde passphrase (2nd factor) and proceeds.. until system asks me for a password for the other partition.
At this point, I have the default Fedora LUKS key in slot 0 of both, slot 1 used/reserved for ykfde, and had now set slot 2 to different passphrases for the partitions: "asdf" for root and "qwer" for swap.

Current sequence of boot events:
...

• ykfde asks for its passphrase (for root)
• I touch YK (see Need to ask user to "Touch yubikey to continue" #12), then enter the ykfde passphrase
• after some output, system asks for LUKS passphrase for swap, I enter "qwer"
• system confirms that swap is now unlocked
• system asks for LUKS passphrase for root

...so ykfde failed to unlock? ...oops :(

Note: using https://copr.fedorainfracloud.org/coprs/bpereto/ykfde/packages/ which seems to be a repackage of this repo. Can compile from source if necessary.

[bpereto]

My Workstation is running out of space. so I added a new Disk and luksFormated and added it to my crypttab.

Now I have the same problem that ykfde only handles one luks device.

[stevesbrain]

May not quite be a solution, but, why not switch to using a dynamic key for swap, rather than persistent? As swap itself is not persistent, this shouldn't impact you, and it does resolve your issue.

[PhotonQuantum]

Any progress on this issue? I'm going to use hibernation, so decrypting swap with ykfde is necessary.