
FIDO2 (YubiKey) to unlock LUKS from command line

1 vote
2 answers
3281 views
Following the [example](https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html) of how to add a FIDO2 key from a YubiKey, but I can't figure out how to use the YubiKey to unlock it from the command line. The instructions talk about unlocking at boot--but that's not what I want.

# Setup

Make a 128 MiB file, make it a block device on loop0 and set up LUKS.
```
$ dd if=/dev/urandom of=disk.bin bs=1M count=128 
128+0 records in
128+0 records out
134217728 bytes (134 MB, 128 MiB) copied, 0.534038 s, 251 MB/s
$ losetup /dev/loop0 disk.bin 
$ cryptsetup luksFormat -y /dev/loop0

WARNING!
========
This will overwrite data on /dev/loop0 irrevocably.

Are you sure? (Type 'yes' in capital letters): YES
Enter passphrase for temp.bin: 
Verify passphrase:
```
Add the Yubikey.
```
$ systemd-cryptenroll /dev/loop0 --fido2-device=auto  --fido2-with-client-pin=yes
🔐 Please enter current passphrase for disk /dev/loop0: ****
Requested to lock with PIN, but FIDO2 device /dev/hidraw9 does not support it, disabling.
Initializing FIDO2 credential on security token.
👆 (Hint: This might require confirmation of user presence on security token.)
Generating secret key on FIDO2 security token.
👆 In order to allow secret key generation, please confirm presence on security token.
New FIDO2 token enrolled as key slot 1.
```
Remove the non-FIDO2 key.

```
$ cryptsetup -q -v luksKillSlot /dev/loop0 0
Keyslot 0 is selected for deletion.
Key slot 0 removed.
Command successful.
```
# Problem

Now what? This doesn't work:

```
$ cryptsetup open /dev/loop0 loop0_encrypted
Enter passphrase for disk.bin:
```
I now have a LUKS disk but I don't know how to unlock it. All tutorials I found say to make modifications to /etc/crypttab and give instructions for mounts at boot. I want to mount without rebooting and (preferably) without modifying /etc/crypttab. What am I missing?
Asked by A. Que (673 rep)
Jul 11, 2023, 08:48 PM
Last activity: Sep 1, 2023, 08:06 AM
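The following script is an added example, not code from the question or from either of its answers. It reproduces the asker's setup steps in functions and then unlocks the volume from a shell with the `attach` verb of `systemd-cryptsetup`, the helper that `systemd-cryptsetup@.service` runs at boot: its fourth argument takes the same crypttab-style options (`fido2-device=auto`) that the tutorials put in `/etc/crypttab`, without touching that file. Assumptions: root privileges, systemd 248 or newer with FIDO2 support, a token implementing hmac-secret, and a free `/dev/loop0`; the binary is looked for both on `PATH` (newer systemd) and under `/usr/lib/systemd` (older releases), and an extra `--recovery-key` enrollment is added before the passphrase slot is killed.

```shell
#!/bin/sh
# Added example, not code from the original question or its answers.
# Assumptions: run as root, systemd >= 248 with FIDO2 support, a token that
# implements hmac-secret, and /dev/loop0 free. Image, loop device and mapper
# names are the ones used in the question.
set -eu

IMG=disk.bin
LOOP=/dev/loop0
NAME=loop0_encrypted

# systemd-cryptsetup was a private libexec binary in early releases and is on
# PATH in newer ones; check both places.
find_systemd_cryptsetup() {
    if command -v systemd-cryptsetup >/dev/null 2>&1; then
        command -v systemd-cryptsetup
        return 0
    fi
    for p in /usr/lib/systemd/systemd-cryptsetup /lib/systemd/systemd-cryptsetup; do
        if [ -x "$p" ]; then
            echo "$p"
            return 0
        fi
    done
    echo "systemd-cryptsetup not found" >&2
    return 1
}

# Arguments for the "attach" verb: VOLUME SOURCE KEY-FILE CRYPTTAB-OPTIONS.
# "-" means no key file; the options are the same words a crypttab line would
# carry, but nothing is written to /etc/crypttab.
attach_args() {
    echo "attach $1 $2 - fido2-device=auto"
}

setup_volume() {
    dd if=/dev/urandom of="$IMG" bs=1M count=128 status=none
    losetup "$LOOP" "$IMG"
    cryptsetup luksFormat -y "$LOOP"                 # passphrase goes in slot 0
    systemd-cryptenroll "$LOOP" --fido2-device=auto --fido2-with-client-pin=yes
    # Enroll a printable recovery key before removing the passphrase, so a lost
    # or broken token does not mean lost data.
    systemd-cryptenroll "$LOOP" --recovery-key
    cryptsetup -q luksKillSlot "$LOOP" 0
}

unlock_volume() {
    bin=$(find_systemd_cryptsetup)
    # Word splitting of attach_args output is deliberate (no spaces in values).
    "$bin" $(attach_args "$NAME" "$LOOP")            # token asks for a touch
    ls -l "/dev/mapper/$NAME"
}

lock_volume() {
    bin=$(find_systemd_cryptsetup)
    "$bin" detach "$NAME"
}

case "${1:-}" in
    setup)  setup_volume ;;
    unlock) unlock_volume ;;
    lock)   lock_volume ;;
    *)      : ;;   # no verb: only define the functions (usage: sh script.sh setup|unlock|lock)
esac
```

After `unlock`, `/dev/mapper/loop0_encrypted` is an ordinary block device to format and mount; `lock` detaches it again. Two points worth noting from the asker's own transcript: the line "Requested to lock with PIN, but FIDO2 device ... does not support it, disabling." means the enrolled slot is protected only by possession of the token plus a touch, so whoever holds the key can open the volume; and once slot 0 is killed, the token (or a recovery key, if one was enrolled) is the only way in. On cryptsetup 2.4 or newer with systemd's token plugin (`libcryptsetup-token-systemd-fido2.so`) installed, plain `cryptsetup open` also consults the token; the passphrase prompt in the question suggests that plugin was not available there.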