Please identify some basic details to help process the report
A. Provide Hardware Details
-
What board are you using? (Choose from the list of boards here)
-
Does your computer have a dGPU or is it iGPU-only?
-
Who installed Heads on this computer?
-
What PGP key is being used?
-
Are you using the PGP key to provide HOTP verification?
B. Identify how the board was flashed
-
Is this problem related to updating heads or flashing it for the first time?
-
If the problem is related to an update, how did you attempt to apply the update?
-
How was Heads initially flashed?
-
Was the board flashed with a maximized or non-maximized/legacy rom?
-
If Heads was externally flashed, was IFD unlocked?
C. Identify the rom related to this bug report
-
Did you download or build the rom at issue in this bug report?
-
If you downloaded your rom, where did you get it from?
Heads-v0.2.0-2407-gb36ed46
-
If you built your rom, which repository:branch did you use?
-
What version of coreboot did you use in building?
{ You can find this information from github commit ID or once flashed, by giving the complete version from Sytem Information under Options --> menu}
-
In building the rom, where did you get the blobs?
Please describe the problem
Describe the bug
After Qubes OS install the first boot complains about missing /boot signatures (as expected). Signing those boot files fails with gpg card timeout: https://openqa.qubes-os.org/tests/127914#step/firstboot/32
To Reproduce
Steps to reproduce the behavior:
- Install Qubes OS
- On first boot choose to regenerate HOTP/TOTP secret (in the options menu), follow all the steps
- Then choose to boot the OS, and see request for signing /boot files, follow all the steps
- See error
Expected behavior
/boot files signed successfully
Screenshots
Screenshots at https://openqa.qubes-os.org/tests/127914#step/firstboot/32, see also video in "Logs & Assets" tab.
Additional context
Discussed at https://matrix.to/#/!pAlHOfxQNPXOgFGTmo:matrix.org/$qAvJUl-KNB8mf0Fa4GFah2fSbD4wPNsp9EGYwUqGk94?via=matrix.org&via=nitro.chat&via=tchncs.de
@tlaurion suggested the OS reinstall case should force TPM reset route instead of HOTP/TOTP regenerate.
Please identify some basic details to help process the report
A. Provide Hardware Details
What board are you using? (Choose from the list of boards here)
Does your computer have a dGPU or is it iGPU-only?
Who installed Heads on this computer?
What PGP key is being used?
Are you using the PGP key to provide HOTP verification?
B. Identify how the board was flashed
Is this problem related to updating heads or flashing it for the first time?
If the problem is related to an update, how did you attempt to apply the update?
How was Heads initially flashed?
Was the board flashed with a maximized or non-maximized/legacy rom?
If Heads was externally flashed, was IFD unlocked?
C. Identify the rom related to this bug report
Did you download or build the rom at issue in this bug report?
If you downloaded your rom, where did you get it from?
Heads-v0.2.0-2407-gb36ed46
If you built your rom, which repository:branch did you use?
What version of coreboot did you use in building?
{ You can find this information from github commit ID or once flashed, by giving the complete version from Sytem Information under Options --> menu}
In building the rom, where did you get the blobs?
Please describe the problem
Describe the bug
After Qubes OS install the first boot complains about missing /boot signatures (as expected). Signing those boot files fails with gpg card timeout: https://openqa.qubes-os.org/tests/127914#step/firstboot/32
To Reproduce
Steps to reproduce the behavior:
Expected behavior
/boot files signed successfully
Screenshots
Screenshots at https://openqa.qubes-os.org/tests/127914#step/firstboot/32, see also video in "Logs & Assets" tab.
Additional context
Discussed at https://matrix.to/#/!pAlHOfxQNPXOgFGTmo:matrix.org/$qAvJUl-KNB8mf0Fa4GFah2fSbD4wPNsp9EGYwUqGk94?via=matrix.org&via=nitro.chat&via=tchncs.de
@tlaurion suggested the OS reinstall case should force TPM reset route instead of HOTP/TOTP regenerate.