diff --git a/utils/pkgs/ykfde/scripts/ykfde_enroll b/utils/pkgs/ykfde/scripts/ykfde_enroll
index a469409..fc618a6 100755
--- a/utils/pkgs/ykfde/scripts/ykfde_enroll
+++ b/utils/pkgs/ykfde/scripts/ykfde_enroll
@@ -1,9 +1,9 @@
-#!/bin/bash -p
-
 set -euo pipefail
 
-echo "start in"
-echo "nix-shell https://github.com/sgillespie/nixos-yubikey-luks/archive/master.tar.gz"
+if [ "$EUID" -ne 0 ]
+  then echo "Please run as root"
+  exit
+fi
 
 # sanitize environment
 YKFDE_SLOT=2
@@ -24,7 +24,7 @@ if [ "$(ykinfo -q -"$YKFDE_SLOT")" != 1 ]; then
   printf '%s\n' "ERROR: Chosen YubiKey slot '$YKFDE_SLOT' isn't configured. Please insert a YubiKey with the slot configured for 'HMAC-SHA1 Challenge-Response'."
 fi
 
-while [ "$(ykinfo -q -"$YKFDE_SLOT")" != 1 ]
+while [ "$(ykinfo -q -$YKFDE_SLOT)" != 1 ]
 do
   sleep 1
 done
@@ -36,7 +36,7 @@ rbtohex() {
 YKFDE_SALT="$(dd if=/dev/random bs=1 count=$YKFDE_SALT_LENGTH 2>/dev/null | rbtohex)"
 if [ -f "$YKFDE_STORAGE" ]; then
     YKFDE_SALT="$(head -1 $YKFDE_STORAGE)"
-    echo "$FILE exists."
+    echo "Using current Salt: $YKFDE_SALT"
 fi
 YKFDE_CHALLENGE="$(echo -n $YKFDE_SALT | openssl dgst -binary -sha512 | rbtohex)"
 YKFDE_RESPONSE="$(ykchalresp -2 -x $YKFDE_CHALLENGE 2>/dev/null)"