man: suggest using --unlock-tpm2-device=auto in cryptenroll example

author Lennart Poettering <lennart@poettering.net>

Thu, 5 Jun 2025 12:40:42 +0000 (14:40 +0200)

committer Luca Boccassi <luca.boccassi@gmail.com>

Thu, 5 Jun 2025 13:10:32 +0000 (14:10 +0100)
author Lennart Poettering <lennart@poettering.net>
Thu, 5 Jun 2025 12:40:42 +0000 (14:40 +0200)
committer Luca Boccassi <luca.boccassi@gmail.com>
Thu, 5 Jun 2025 13:10:32 +0000 (14:10 +0100)
diff --git a/man/systemd-cryptenroll.xml b/man/systemd-cryptenroll.xml

index 5572510e1ff7c1264aff0b4a767fd9eb9ac83449..e27ae4288e01d8accc12958a33726b778733d95c 100644 (file)
--- a/man/systemd-cryptenroll.xml
+++ b/man/systemd-cryptenroll.xml
@@ -699,7 +699,7 @@
          added slot is always excluded from the wiping. Combining enrollment and slot wiping may thus be used to
          update existing enrollments:</para>
  
-        <programlisting>systemd-cryptenroll /dev/sda1 --wipe-slot=tpm2 --tpm2-device=auto</programlisting>
+        <programlisting>systemd-cryptenroll /dev/sda1 --wipe-slot=tpm2 --tpm2-device=auto --unlock-tpm2-device=auto</programlisting>
  
          <para>The above command will enroll the TPM2 chip, and then wipe all previously created TPM2
          enrollments on the LUKS2 volume, leaving only the newly created one. Combining wiping and enrollment
author	Lennart Poettering <lennart@poettering.net>
	Thu, 5 Jun 2025 12:40:42 +0000 (14:40 +0200)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Thu, 5 Jun 2025 13:10:32 +0000 (14:10 +0100)