Closed DemiMarie closed 1 year ago
Duplicate of https://github.com/QubesOS/qubes-issues/issues/3550
Duplicate of #3550
This issue is a duplicate of #3550 inasmuch as set of registered u2f keys is stored in qrexec policy, but that’s an implementation detail of the current code. In particular, #3550 seems to be incompatible with paranoid backup & restore mode, whereas this is not.
whereas this is not.
I don't agree. Gaining access to arbitrary U2F key is not something that a VM restored from a compromised system (via paranoid restore) should be able to get. This is really a duplicate.
This appears to be a duplicate of an existing issue. If so, please comment on the appropriate existing issue instead. If anyone believes this is not really a duplicate, please leave a comment briefly explaining why. We'll be happy to take another look and, if appropriate, reopen this issue. Thank you.
How to file a helpful issue
Qubes OS release
R4.1
Brief summary
Backing up a qube does not save its registered u2f keys.
Steps to reproduce
Back up a qube and then restore it on a different Qubes installation.
Expected behavior
The list of registered u2f keys is restored.
Actual behavior
The list of registred u2f keys is not restored.