joel/archinstall-luks2-lvm2-secureboot-tpm2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Joel Mathew Thomas
2024-09-11 23:35:39 +05:30
committed by GitHub
parent ff0b9744e2
commit 3fec16174e
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+1 -1
View File
@@ -588,7 +588,7 @@ We'll now enroll our system firmware and secure boot state.
This would allow our TPM to unlock our encrypted drive, as long as the state hasn't changed. This would allow our TPM to unlock our encrypted drive, as long as the state hasn't changed.
``` ```
$ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --tpm2-public-key /etc/kernel/pcr-initrd.pub.pem /dev/nvme0n1p2 $ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --tpm2-public-key /etc/kernel/pcr-initrd.pub.pem --tpm2-with-pin=BOOL /dev/nvme0n1p2
``` ```
**Warning**: It is recommended to use a pin to unlock the TPM, instead of allowing it to unlock automatically, for more security. **Warning**: It is recommended to use a pin to unlock the TPM, instead of allowing it to unlock automatically, for more security.