On Tue, Feb 02, 2021 at 10:50:39PM +0100, Stefan Sperling wrote:
The idea of protecting key disks with a passphrase (two-factor auth) has been raised before. It has not been implemented yet, simply because nobody has done the work. A search of the mailing list archives should yield some prior discussion.
How about backup keys, so I can have a backup passphrase stored somewhere safely that works even if I lose my keydisk?
FWIW I ran into the same problem as the OP when trying to put the bootloader on external media.
