From 5f28aa6b767c500c87d42d01acddd0a26b30159e Mon Sep 17 00:00:00 2001
From: samsepi0l <74207682+d4rklynk@users.noreply.github.com>
Date: Thu, 29 Dec 2022 16:32:04 +0100
Subject: [PATCH] Update Desktop-Linux-Hardening.md

Signed-off-by: samsepi0l <74207682+d4rklynk@users.noreply.github.com>
---
 content/posts/linux/Desktop-Linux-Hardening.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/content/posts/linux/Desktop-Linux-Hardening.md b/content/posts/linux/Desktop-Linux-Hardening.md
index 900d722..ca5f516 100644
--- a/content/posts/linux/Desktop-Linux-Hardening.md
+++ b/content/posts/linux/Desktop-Linux-Hardening.md
@@ -50,6 +50,9 @@ Then, you can finally enroll your encrypted volumes :
 
 Replace sdX with the right volume.
 
+It will ask you the passphrase (you have previously chosen with LUKS) then it will prompt you a PIN for TPM.
+The PIN should be **different** from the LUKS passphrase.
+
 If you have several volumes, you can redo the command with the right volume, etc.
 
 Finally, edit `/etc/crypttab` and add at the end of each line `tpm2-device=auto,discard`, like so :