Update README.md
This commit is contained in:
Joel Mathew Thomas
committed by
GitHub
GitHub
parent
0786c9420b
commit
ff0b9744e2
@@ -590,6 +590,7 @@ This would allow our TPM to unlock our encrypted drive, as long as the state has
|
|||||||
```
|
```
|
||||||
$ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --tpm2-public-key /etc/kernel/pcr-initrd.pub.pem /dev/nvme0n1p2
|
$ sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --tpm2-public-key /etc/kernel/pcr-initrd.pub.pem /dev/nvme0n1p2
|
||||||
```
|
```
|
||||||
|
**Warning**: It is recommended to use a pin to unlock the TPM, instead of allowing it to unlock automatically, for more security.
|
||||||
|
|
||||||
```
|
```
|
||||||
Additional Flags
|
Additional Flags
|
||||||
@@ -653,7 +654,7 @@ $ sudo cryptsetup token remove --token-id 1 /dev/nvme0n1p2
|
|||||||
```
|
```
|
||||||
Here we specify `token-id` as `1` based on the previous output of `luksDump`. Specify it correspondingy depending on what the token number is on your output of `luksDump`.
|
Here we specify `token-id` as `1` based on the previous output of `luksDump`. Specify it correspondingy depending on what the token number is on your output of `luksDump`.
|
||||||
|
|
||||||
Now repeat the steps from [TPM enrollment](https://github.com/joelmathewthomas/archinstall-luks2-lvm2-secureboot-tpm2?tab=readme-ov-file#13-enrolling-the-tpm) to renroll to the TPM.
|
Now repeat the steps from [TPM enrollment](https://github.com/joelmathewthomas/archinstall-luks2-lvm2-secureboot-tpm2?tab=readme-ov-file#16-enrolling-the-tpm) to renroll to the TPM.
|
||||||
|
|
||||||
|
|
||||||
With this, the guide has mostly covered on how to install Arch Linux, Encrypt disk with LUKS2 , use logical volumes with LVM2, how to setup Secure Boot, and how to enroll the TPM.
|
With this, the guide has mostly covered on how to install Arch Linux, Encrypt disk with LUKS2 , use logical volumes with LVM2, how to setup Secure Boot, and how to enroll the TPM.
|
||||||
|
|||||||
Reference in New Issue
Block a user