diff options
Diffstat (limited to 'man/systemd-cryptenroll.xml')
-rw-r--r-- | man/systemd-cryptenroll.xml | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/man/systemd-cryptenroll.xml b/man/systemd-cryptenroll.xml index 097cf7518b..d5719bc463 100644 --- a/man/systemd-cryptenroll.xml +++ b/man/systemd-cryptenroll.xml @@ -128,8 +128,11 @@ <varlistentry> <term><option>--fido2-with-client-pin=</option><replaceable>BOOL</replaceable></term> - <listitem><para>When enrolling a FIDO2 security token, controls whether to require the user to - enter a PIN when unlocking the volume. Defaults to <literal>yes</literal>.</para></listitem> + <listitem><para>When enrolling a FIDO2 security token, controls whether to require the user to enter + a PIN when unlocking the volume (the FIDO2 <literal>clientPin</literal> feature). Defaults to + <literal>yes</literal>. (Note: this setting is without effect if the security token does not support + the <literal>clientPin</literal> feature at all, or does not allow enabling or disabling + it.)</para></listitem> </varlistentry> <varlistentry> @@ -137,7 +140,8 @@ <listitem><para>When enrolling a FIDO2 security token, controls whether to require the user to verify presence (tap the token, the FIDO2 <literal>up</literal> feature) when unlocking the volume. - Defaults to <literal>yes</literal>. + Defaults to <literal>yes</literal>. (Note: this setting is without effect if the security token does not support + the <literal>up</literal> feature at all, or does not allow enabling or disabling it.) </para></listitem> </varlistentry> @@ -145,8 +149,9 @@ <term><option>--fido2-with-user-verification=</option><replaceable>BOOL</replaceable></term> <listitem><para>When enrolling a FIDO2 security token, controls whether to require user verification - when unlocking the volume (the FIDO2 <literal>uv</literal> feature)). Defaults to <literal>no</literal>. - </para></listitem> + when unlocking the volume (the FIDO2 <literal>uv</literal> feature). Defaults to + <literal>no</literal>. (Note: this setting is without effect if the security token does not support + the <literal>uv</literal> feature at all, or does not allow enabling or disabling it.)</para></listitem> </varlistentry> <varlistentry> |