mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
Merge pull request #26193 from aafeijoo-suse/cryptenroll-unlock-fido2-device-man-and-bash-completion-fix
Add missing --unlock-fido2-device to systemd-cryptenroll man and bash-completion
This commit is contained in:
commit
6ec7a722ba
@ -109,6 +109,17 @@
|
||||
contain the full key.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--unlock-fido2-device=</option><replaceable>PATH</replaceable></term>
|
||||
|
||||
<listitem><para>Use a FIDO2 device instead of a password/passphrase read from stdin to unlock the
|
||||
volume. Expects a <filename>hidraw</filename> device referring to the FIDO2 device (e.g.
|
||||
<filename>/dev/hidraw1</filename>). Alternatively the special value <literal>auto</literal> may be
|
||||
specified, in order to automatically determine the device node of a currently plugged in security
|
||||
token (of which there must be exactly one). This automatic discovery is unsupported if
|
||||
<option>--fido2-device=</option> option is also specified.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--pkcs11-token-uri=</option><replaceable>URI</replaceable></term>
|
||||
|
||||
@ -151,7 +162,8 @@
|
||||
extension (e.g. a YubiKey). Expects a <filename>hidraw</filename> device referring to the FIDO2
|
||||
device (e.g. <filename>/dev/hidraw1</filename>). Alternatively the special value
|
||||
<literal>auto</literal> may be specified, in order to automatically determine the device node of a
|
||||
currently plugged in security token (of which there must be exactly one). The special value
|
||||
currently plugged in security token (of which there must be exactly one). This automatic discovery
|
||||
is unsupported if <option>--unlock-fido2-device=</option> option is also specified. The special value
|
||||
<literal>list</literal> may be used to enumerate all suitable FIDO2 tokens currently plugged in. Note
|
||||
that many hardware security tokens that implement FIDO2 also implement the older PKCS#11
|
||||
standard. Typically FIDO2 is preferable, given it's simpler to use and more modern.</para>
|
||||
|
@ -51,6 +51,7 @@ _systemd-cryptenroll() {
|
||||
[STANDALONE]='-h --help --version
|
||||
--password --recovery-key'
|
||||
[ARG]='--unlock-key-file
|
||||
--unlock-fido2-device
|
||||
--pkcs11-token-uri
|
||||
--fido2-credential-algorithm
|
||||
--fido2-device
|
||||
@ -74,6 +75,9 @@ _systemd-cryptenroll() {
|
||||
comps=$(compgen -A file -- "$cur")
|
||||
compopt -o filenames
|
||||
;;
|
||||
--unlock-fido2-device)
|
||||
comps="auto $(__get_fido2_devices)"
|
||||
;;
|
||||
--pkcs11-token-uri)
|
||||
comps='auto list pkcs11:'
|
||||
;;
|
||||
|
Loading…
Reference in New Issue
Block a user