diff options
| author | Lennart Poettering <lennart@poettering.net> | 2021-05-28 16:45:12 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2021-05-28 16:45:12 +0200 |
| commit | 72c154226753cb9b0cfad1552c1b958d3889118c (patch) | |
| tree | 13bcb1fe72b8390ae11fbb734327ff51206e8b0e /man/systemd-cryptenroll.xml | |
| parent | 3cc00ba60594cbce0aa416e54b846988376685f8 (diff) | |
| download | systemd-72c154226753cb9b0cfad1552c1b958d3889118c.tar.gz | |
man: document that FIDO2 uv/up/clientPin feature support is now handled gracefully
Diffstat (limited to 'man/systemd-cryptenroll.xml')
| -rw-r--r-- | man/systemd-cryptenroll.xml | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/man/systemd-cryptenroll.xml b/man/systemd-cryptenroll.xml index 097cf7518b..d5719bc463 100644 --- a/man/systemd-cryptenroll.xml +++ b/man/systemd-cryptenroll.xml @@ -128,8 +128,11 @@ <varlistentry> <term><option>--fido2-with-client-pin=</option><replaceable>BOOL</replaceable></term> - <listitem><para>When enrolling a FIDO2 security token, controls whether to require the user to - enter a PIN when unlocking the volume. Defaults to <literal>yes</literal>.</para></listitem> + <listitem><para>When enrolling a FIDO2 security token, controls whether to require the user to enter + a PIN when unlocking the volume (the FIDO2 <literal>clientPin</literal> feature). Defaults to + <literal>yes</literal>. (Note: this setting is without effect if the security token does not support + the <literal>clientPin</literal> feature at all, or does not allow enabling or disabling + it.)</para></listitem> </varlistentry> <varlistentry> @@ -137,7 +140,8 @@ <listitem><para>When enrolling a FIDO2 security token, controls whether to require the user to verify presence (tap the token, the FIDO2 <literal>up</literal> feature) when unlocking the volume. - Defaults to <literal>yes</literal>. + Defaults to <literal>yes</literal>. (Note: this setting is without effect if the security token does not support + the <literal>up</literal> feature at all, or does not allow enabling or disabling it.) </para></listitem> </varlistentry> @@ -145,8 +149,9 @@ <term><option>--fido2-with-user-verification=</option><replaceable>BOOL</replaceable></term> <listitem><para>When enrolling a FIDO2 security token, controls whether to require user verification - when unlocking the volume (the FIDO2 <literal>uv</literal> feature)). Defaults to <literal>no</literal>. - </para></listitem> + when unlocking the volume (the FIDO2 <literal>uv</literal> feature). Defaults to + <literal>no</literal>. (Note: this setting is without effect if the security token does not support + the <literal>uv</literal> feature at all, or does not allow enabling or disabling it.)</para></listitem> </varlistentry> <varlistentry> |