From: Jonathan Conder <jono.conder@gmail.com>
Date: Wed, 17 Apr 2024 20:01:27 +0000 (+1200)
Subject: man: document other keyname options for pam_systemd_loadkey
X-Git-Tag: v256-rc1~137^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F32326%2Fhead;p=thirdparty%2Fsystemd.git

man: document other keyname options for pam_systemd_loadkey
---

diff --git a/man/pam_systemd_loadkey.xml b/man/pam_systemd_loadkey.xml
index ab99b1e7523..13d1686bd1e 100644
--- a/man/pam_systemd_loadkey.xml
+++ b/man/pam_systemd_loadkey.xml
@@ -49,9 +49,47 @@
         <term><varname>keyname=</varname></term>
 
         <listitem><para>Takes a string argument which sets the keyname to read.
-        The default is <literal>cryptsetup</literal>, which is used by
+        The default is <literal>cryptsetup</literal>.
+        During boot,
         <citerefentry><refentrytitle>systemd-cryptsetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-        to store LUKS passphrase during boot.</para>
+        stores a passphrase or PIN in the keyring.
+        The LUKS2 volume key can also be used, via the <option>link-volume-key</option> option in
+        <citerefentry><refentrytitle>crypttab</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
+
+        <table>
+          <title>
+            Possible values for <varname>keyname</varname>.
+          </title>
+
+          <tgroup cols='2'>
+            <colspec colname='value' />
+            <colspec colname='description' />
+            <thead>
+              <row>
+                <entry>Value</entry>
+                <entry>Description</entry>
+              </row>
+            </thead>
+            <tbody>
+              <row>
+                <entry>cryptsetup</entry>
+                <entry>Passphrase or recovery key</entry>
+              </row>
+              <row>
+                <entry>fido2-pin</entry>
+                <entry>Security token PIN</entry>
+              </row>
+              <row>
+                <entry>luks2-pin</entry>
+                <entry>LUKS2 token PIN</entry>
+              </row>
+              <row>
+                <entry>tpm2-pin</entry>
+                <entry>TPM2 PIN</entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </table>
 
         <xi:include href="version-info.xml" xpointer="v255"/></listitem>
       </varlistentry>