man: suggest using --unlock-tpm2-device=auto in cryptenroll example

author Lennart Poettering <lennart@poettering.net>

Thu, 5 Jun 2025 12:40:42 +0000 (14:40 +0200)

committer Luca Boccassi <luca.boccassi@gmail.com>

Wed, 25 Jun 2025 17:17:42 +0000 (18:17 +0100)
author Lennart Poettering <lennart@poettering.net>
Thu, 5 Jun 2025 12:40:42 +0000 (14:40 +0200)
committer Luca Boccassi <luca.boccassi@gmail.com>
Wed, 25 Jun 2025 17:17:42 +0000 (18:17 +0100)
diff --git a/man/systemd-cryptenroll.xml b/man/systemd-cryptenroll.xml

index 2ac7d38b4126c28de194c007ce70b748a6960465..91635344a622a6767dfc48ca0c06fbe592e75b7a 100644 (file)
--- a/man/systemd-cryptenroll.xml
+++ b/man/systemd-cryptenroll.xml
@@ -632,7 +632,7 @@
          added slot is always excluded from the wiping. Combining enrollment and slot wiping may thus be used to
          update existing enrollments:</para>
  
-        <programlisting>systemd-cryptenroll /dev/sda1 --wipe-slot=tpm2 --tpm2-device=auto</programlisting>
+        <programlisting>systemd-cryptenroll /dev/sda1 --wipe-slot=tpm2 --tpm2-device=auto --unlock-tpm2-device=auto</programlisting>
  
          <para>The above command will enroll the TPM2 chip, and then wipe all previously created TPM2
          enrollments on the LUKS2 volume, leaving only the newly created one. Combining wiping and enrollment
author	Lennart Poettering <lennart@poettering.net>
	Thu, 5 Jun 2025 12:40:42 +0000 (14:40 +0200)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Wed, 25 Jun 2025 17:17:42 +0000 (18:17 +0100)