ykfde - yubikey-based full disk encryption

Quick start:

install the package
uuidgen > /boot/yubikey-challenge
ykchalresp $(cat /boot/yubikey-challenge)
cryptsetup luksAddKey /dev/sda2 /boot/yubikey-challenge

On bootup, you will be asked to insert a yubikey (2.2 or newer) which
will then provide the response.  If you do not want to use a yubikey,
press enter and then enter a normal passphrase during bootup.

Limitations/bugs:
- uses the default ykchalresp settings, meaning no support for slot 2
- does not update the challenge after each boot.