summaryrefslogtreecommitdiffstats
path: root/README-mkinitcpio.md
diff options
context:
space:
mode:
authorGravatar Christian Hesse <mail@eworm.de>2016-01-16 02:13:22 +0100
committerGravatar Christian Hesse <mail@eworm.de>2016-01-16 02:26:21 +0100
commit40a0f31f1838d4774ebd960640bfb230dc562ea1 (patch)
treed2997424c305efd41a210432f1fad8aa9f6d88ee /README-mkinitcpio.md
parentf4c501575f6c6119acc8177406612bdfafab3cb3 (diff)
downloadmkinitcpio-ykfde-40a0f31f1838d4774ebd960640bfb230dc562ea1.tar.gz
mkinitcpio-ykfde-40a0f31f1838d4774ebd960640bfb230dc562ea1.tar.zst
We have support for second factor. Yeah!
Diffstat (limited to 'README-mkinitcpio.md')
-rw-r--r--README-mkinitcpio.md16
1 files changed, 16 insertions, 0 deletions
diff --git a/README-mkinitcpio.md b/README-mkinitcpio.md
index 8f25819..8043277 100644
--- a/README-mkinitcpio.md
+++ b/README-mkinitcpio.md
@@ -13,6 +13,7 @@ To compile and use yubikey full disk encryption you need:
* [iniparser](http://ndevilla.free.fr/iniparser/)
* [systemd](http://www.freedesktop.org/wiki/Software/systemd/)
* [cryptsetup](http://code.google.com/p/cryptsetup/)
+* keyutils and linux with `CONFIG_KEYS`
* [mkinitcpio](https://projects.archlinux.org/mkinitcpio.git/)
* [markdown](http://daringfireball.net/projects/markdown/) (HTML documentation)
* [libarchive](http://www.libarchive.org/) (Update challenge on boot)
@@ -89,4 +90,19 @@ Additionally enable `systemd` service `ykfde-cpio.service` and make your
bootloader load the new `cpio` image `/boot/ykfde-challenges.img` (in
addition to your usual initramfs).
+### Optional `ykfde-2f` hook for second factor
+
+This gives the option to add a second factor for authentication.
+With this you need your Yubikey and an additional passphrase to boot
+your systemd.
+
+Add a second factor with `ykfde`:
+
+> ykfde -s xyz
+
+Add `ykfde-2f` to your hook list in `/etc/mkinitcpio.conf` and rebuild
+your initramfs with:
+
+> mkinitcpio -p linux
+
Reboot and have fun!