From 40a0f31f1838d4774ebd960640bfb230dc562ea1 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Sat, 16 Jan 2016 02:13:22 +0100
Subject: We have support for second factor. Yeah!

---
 README-mkinitcpio.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'README-mkinitcpio.md')

diff --git a/README-mkinitcpio.md b/README-mkinitcpio.md
index 8f25819..8043277 100644
--- a/README-mkinitcpio.md
+++ b/README-mkinitcpio.md
@@ -13,6 +13,7 @@ To compile and use yubikey full disk encryption you need:
 * [iniparser](http://ndevilla.free.fr/iniparser/)
 * [systemd](http://www.freedesktop.org/wiki/Software/systemd/)
 * [cryptsetup](http://code.google.com/p/cryptsetup/)
+* keyutils and linux with `CONFIG_KEYS`
 * [mkinitcpio](https://projects.archlinux.org/mkinitcpio.git/)
 * [markdown](http://daringfireball.net/projects/markdown/) (HTML documentation)
 * [libarchive](http://www.libarchive.org/) (Update challenge on boot)
@@ -89,4 +90,19 @@ Additionally enable `systemd` service `ykfde-cpio.service` and make your
 bootloader load the new `cpio` image `/boot/ykfde-challenges.img` (in
 addition to your usual initramfs).
 
+### Optional `ykfde-2f` hook for second factor
+
+This gives the option to add a second factor for authentication.
+With this you need your Yubikey and an additional passphrase to boot
+your systemd.
+
+Add a second factor with `ykfde`:
+
+> ykfde -s xyz
+
+Add `ykfde-2f` to your hook list in `/etc/mkinitcpio.conf` and rebuild
+your initramfs with:
+
+> mkinitcpio -p linux
+
 Reboot and have fun!
-- 
cgit v1.2.3-54-g00ecf