joel/archinstall-luks2-lvm2-secureboot-tpm2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Joel Mathew Thomas
2024-09-11 23:35:39 +05:30
committed by GitHub
parent ff0b9744e2
commit 3fec16174e
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+1 -1
View File
@@ -588,7 +588,7 @@ We'll now enroll our system firmware and secure boot state.
This would allow our TPM to unlock our encrypted drive, as long as the state hasn't changed.
```
$ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --tpm2-public-key /etc/kernel/pcr-initrd.pub.pem /dev/nvme0n1p2
$ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --tpm2-public-key /etc/kernel/pcr-initrd.pub.pem --tpm2-with-pin=BOOL /dev/nvme0n1p2
```
**Warning**: It is recommended to use a pin to unlock the TPM, instead of allowing it to unlock automatically, for more security.