From 1c02924892b0ee0e325677351667bad799b7a254 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 4 May 2016 21:14:16 +0200 Subject: update documentation * Use long version of switches. * Use --new-2nd-factor (instead of --2nd-factor) for initialization. --- README-mkinitcpio.md | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'README-mkinitcpio.md') diff --git a/README-mkinitcpio.md b/README-mkinitcpio.md index 78c0052..adc07cc 100644 --- a/README-mkinitcpio.md +++ b/README-mkinitcpio.md @@ -70,20 +70,24 @@ After that run: > ykfde This will store a challenge in `/etc/ykfde.d/` and add a new slot to -your LUKS device. When `ykfde` asks for a password it requires a valid -password from available slot. +your LUKS device. When `ykfde` asks for a passphrase it requires a valid +passphrase from available slot. -Adding a key with second factor is as easy: +Alternatively, adding a key with second factor is as easy: -> ykfde -s 2nd-factor +> ykfde --new-2nd-factor 2nd-factor -And updating key and second factor is straight forward: +To update the challenge run: -> ykfde -s old-2nd-factor -n new-2nd-factor +> ykfde --2nd-factor 2nd-factor + +And changing second factor is straight forward: + +> ykfde --2nd-factor current-2nd-factor --new-2nd-factor new-2nd-factor The second factor can be read from terminal, increasing security by not -displaying on display and not writing to shell history. Use capital -switches (`-S` and `-N`) for that. +displaying on display and not writing to shell history. Use switches +`--ask-2nd-factor` and `--ask-new-2nd-factor` for that. Make sure to enable second factor in `/etc/ykfde.conf`. -- cgit v1.2.3-54-g00ecf