FIDO2 device removal instructions (#21426)

author Robert-L-Turner <37597024+Robert-L-Turner@users.noreply.github.com>

Mon, 22 Nov 2021 11:43:44 +0000 (19:43 +0800)

committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

Tue, 11 Jan 2022 17:45:45 +0000 (18:45 +0100)
author Robert-L-Turner <37597024+Robert-L-Turner@users.noreply.github.com>
Mon, 22 Nov 2021 11:43:44 +0000 (19:43 +0800)
committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Tue, 11 Jan 2022 17:45:45 +0000 (18:45 +0100)
diff --git a/man/homectl.xml b/man/homectl.xml

index 4b0b120ca8c23ba7abc0c62b2cd4fec6cba2766f..8ba9e50885580ac6a5dc45c89471cf893569579b 100644 (file)
--- a/man/homectl.xml
+++ b/man/homectl.xml
@@ -372,6 +372,9 @@
          <para>Note that FIDO2 devices suitable for this option must implement the
          <literal>hmac-secret</literal> extension. Most current devices (such as the YubiKey 5 series) do. If
          the extension is not implemented the device cannot be used for unlocking home directories.</para>
+          
+        <para>The FIDO2 device may be subsequently removed by setting the device path to an empty string 
+        (e.g. <command>homectl update $USER --fido2-device=""</command>).</para>
  
          <para>Note that many hardware security tokens implement both FIDO2 and PKCS#11/PIV (and thus may be
          used with either <option>--fido2-device=</option> or <option>--pkcs11-token-uri=</option>), for a
author	Robert-L-Turner <37597024+Robert-L-Turner@users.noreply.github.com>
	Mon, 22 Nov 2021 11:43:44 +0000 (19:43 +0800)
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Tue, 11 Jan 2022 17:45:45 +0000 (18:45 +0100)