diff --git a/man/homectl.xml b/man/homectl.xml index 4b792173a6..f869b3352c 100644 --- a/man/homectl.xml +++ b/man/homectl.xml @@ -357,11 +357,11 @@ Takes a path to a Linux hidraw device (e.g. /dev/hidraw1), referring to a FIDO2 security token implementing the - hmac-secret extension, that shall be able to unlock the user account. If used, a - random salt value is generated on the host, which is passed to the FIDO2 device, which calculates a - HMAC hash of it, keyed by its internal secret key. The result is then used as key for unlocking the - user account. The random salt is included in the user record, so that whenever authentication is - needed it can be passed again to the FIDO2 token, to retrieve the actual key. + hmac-secret extension that shall be able to unlock the user account. A random salt + value is generated on the host and passed to the FIDO2 device, which calculates a HMAC hash of the + salt combined with an internal secret key. The result is then used as the key to unlock the user + account. The random salt is included in the user record, so that whenever authentication is needed it + can be passed again to the FIDO2 token again. Instead of a valid path to a FIDO2 hidraw device the special strings list and auto may be specified. If list is