From: Antonio Alvarez Feijoo Date: Wed, 25 Jan 2023 10:58:19 +0000 (+0100) Subject: man: add missing --unlock-fido2-device to systemd-cryptenroll X-Git-Tag: v253-rc2~72^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F26193%2Fhead;p=thirdparty%2Fsystemd.git man: add missing --unlock-fido2-device to systemd-cryptenroll --- diff --git a/man/systemd-cryptenroll.xml b/man/systemd-cryptenroll.xml index a654d492a11..1e9a4457c2c 100644 --- a/man/systemd-cryptenroll.xml +++ b/man/systemd-cryptenroll.xml @@ -109,6 +109,17 @@ contain the full key. + + PATH + + Use a FIDO2 device instead of a password/passphrase read from stdin to unlock the + volume. Expects a hidraw device referring to the FIDO2 device (e.g. + /dev/hidraw1). Alternatively the special value auto may be + specified, in order to automatically determine the device node of a currently plugged in security + token (of which there must be exactly one). This automatic discovery is unsupported if + option is also specified. + + URI @@ -151,7 +162,8 @@ extension (e.g. a YubiKey). Expects a hidraw device referring to the FIDO2 device (e.g. /dev/hidraw1). Alternatively the special value auto may be specified, in order to automatically determine the device node of a - currently plugged in security token (of which there must be exactly one). The special value + currently plugged in security token (of which there must be exactly one). This automatic discovery + is unsupported if option is also specified. The special value list may be used to enumerate all suitable FIDO2 tokens currently plugged in. Note that many hardware security tokens that implement FIDO2 also implement the older PKCS#11 standard. Typically FIDO2 is preferable, given it's simpler to use and more modern.