joel/archinstall-luks2-lvm2-secureboot-tpm2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Joel Mathew Thomas
2024-06-27 10:56:02 +05:30
committed by GitHub
parent ed37219921
commit 9bbdd3b54a
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+2 -2
View File
@@ -528,7 +528,7 @@ We'll now enroll our system firmware and secure boot state.
This would allow our TPM to unlock our encrypted drive, as long as the state hasn't changed. This would allow our TPM to unlock our encrypted drive, as long as the state hasn't changed.
``` ```
$ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=7+11 /dev/nvme0n1p2 $ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/nvme0n1p2
``` ```
``` ```
@@ -552,7 +552,7 @@ Now if at some point later in time, our secure boot state has changed, the TPM w
This can be done in a very short step and is less prone to error by running the following command: This can be done in a very short step and is less prone to error by running the following command:
``` ```
systemd-cryptenroll --wipe-slot=tpm2 /dev/<device> --tpm2-pcrs=7+11 systemd-cryptenroll --wipe-slot=tpm2 /dev/<device> --tpm2-pcrs=0+7
``` ```
Or, if you prefer to do it manually, do the following: Or, if you prefer to do it manually, do the following: