Changeset View
Changeset View
Standalone View
Standalone View
sbin/geom/class/eli/geli.8
Show All 18 Lines | |||||
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||||
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||||
.\" SUCH DAMAGE. | .\" SUCH DAMAGE. | ||||
.\" | .\" | ||||
.\" $FreeBSD$ | .\" $FreeBSD$ | ||||
.\" | .\" | ||||
.Dd August 3, 2016 | .Dd July 27, 2017 | ||||
.Dt GELI 8 | .Dt GELI 8 | ||||
.Os | .Os | ||||
.Sh NAME | .Sh NAME | ||||
.Nm geli | .Nm geli | ||||
.Nd "control utility for the cryptographic GEOM class" | .Nd "control utility for the cryptographic GEOM class" | ||||
.Sh SYNOPSIS | .Sh SYNOPSIS | ||||
To compile GEOM_ELI into your kernel, add the following lines to your kernel | To compile GEOM_ELI into your kernel, add the following lines to your kernel | ||||
configuration file: | configuration file: | ||||
Show All 10 Lines | |||||
.Ed | .Ed | ||||
.Pp | .Pp | ||||
Usage of the | Usage of the | ||||
.Nm | .Nm | ||||
utility: | utility: | ||||
.Pp | .Pp | ||||
.Nm | .Nm | ||||
.Cm init | .Cm init | ||||
.Op Fl bgPTv | .Op Fl bghPTv | ||||
.Op Fl a Ar aalgo | .Op Fl a Ar aalgo | ||||
.Op Fl B Ar backupfile | .Op Fl B Ar backupfile | ||||
.Op Fl e Ar ealgo | .Op Fl e Ar ealgo | ||||
.Op Fl i Ar iterations | .Op Fl i Ar iterations | ||||
.Op Fl J Ar newpassfile | .Op Fl J Ar newpassfile | ||||
.Op Fl K Ar newkeyfile | .Op Fl K Ar newkeyfile | ||||
.Op Fl l Ar keylen | .Op Fl l Ar keylen | ||||
.Op Fl s Ar sectorsize | .Op Fl s Ar sectorsize | ||||
Show All 20 Lines | |||||
.Op Fl dT | .Op Fl dT | ||||
.Op Fl a Ar aalgo | .Op Fl a Ar aalgo | ||||
.Op Fl e Ar ealgo | .Op Fl e Ar ealgo | ||||
.Op Fl l Ar keylen | .Op Fl l Ar keylen | ||||
.Op Fl s Ar sectorsize | .Op Fl s Ar sectorsize | ||||
.Ar prov | .Ar prov | ||||
.Nm | .Nm | ||||
.Cm configure | .Cm configure | ||||
.Op Fl bBgGtT | .Op Fl bBgGHhtT | ||||
allanjude: this is Dd now? | |||||
.Ar prov ... | .Ar prov ... | ||||
.Nm | .Nm | ||||
.Cm setkey | .Cm setkey | ||||
.Op Fl pPv | .Op Fl pPv | ||||
.Op Fl i Ar iterations | .Op Fl i Ar iterations | ||||
.Op Fl j Ar passfile | .Op Fl j Ar passfile | ||||
.Op Fl J Ar newpassfile | .Op Fl J Ar newpassfile | ||||
.Op Fl k Ar keyfile | .Op Fl k Ar keyfile | ||||
▲ Show 20 Lines • Show All 191 Lines • ▼ Show 20 Lines | |||||
.Nm NULL . | .Nm NULL . | ||||
The default and recommended algorithm is | The default and recommended algorithm is | ||||
.Nm AES-XTS . | .Nm AES-XTS . | ||||
.Nm NULL | .Nm NULL | ||||
is unencrypted. | is unencrypted. | ||||
.It Fl g | .It Fl g | ||||
Enable booting from this encrypted root filesystem. | Enable booting from this encrypted root filesystem. | ||||
The boot loader prompts for the passphrase and loads | The boot loader prompts for the passphrase and loads | ||||
.It Fl h | |||||
allanjudeUnsubmitted Not Done Inline Actionsif this is the default, then should init only have the option to disable it? Or at least have both? allanjude: if this is the default, then should init only have the option to disable it? Or at least have… | |||||
While booting from this encrypted root filesystem disable visibility of | |||||
passphrase length. | |||||
.Xr loader 8 | .Xr loader 8 | ||||
from the encrypted partition. | from the encrypted partition. | ||||
.It Fl i Ar iterations | .It Fl i Ar iterations | ||||
Number of iterations to use with PKCS#5v2 when processing User Key | Number of iterations to use with PKCS#5v2 when processing User Key | ||||
passphrase component. | passphrase component. | ||||
If this option is not specified, | If this option is not specified, | ||||
.Nm | .Nm | ||||
will find the number of iterations which is equal to 2 seconds of crypto work. | will find the number of iterations which is equal to 2 seconds of crypto work. | ||||
▲ Show 20 Lines • Show All 185 Lines • ▼ Show 20 Lines | |||||
Remove the BOOT flag from the given providers. | Remove the BOOT flag from the given providers. | ||||
.It Fl g | .It Fl g | ||||
Enable booting from this encrypted root filesystem. | Enable booting from this encrypted root filesystem. | ||||
The boot loader prompts for the passphrase and loads | The boot loader prompts for the passphrase and loads | ||||
.Xr loader 8 | .Xr loader 8 | ||||
from the encrypted partition. | from the encrypted partition. | ||||
.It Fl G | .It Fl G | ||||
Deactivate booting from this encrypted root partition. | Deactivate booting from this encrypted root partition. | ||||
.It Fl h | |||||
While booting from this encrypted root filesystem disable visibility of | |||||
passphrase length. | |||||
.It Fl H | |||||
allanjudeUnsubmitted Not Done Inline Actionsmaybe example on this to to mention printing of * characters allanjude: maybe example on this to to mention printing of * characters | |||||
While booting from this encrypted root filesystem enable visibility of | |||||
passphrase length. | |||||
.It Fl t | .It Fl t | ||||
Enable TRIM/UNMAP passthru. | Enable TRIM/UNMAP passthru. | ||||
For more information, see the description of the | For more information, see the description of the | ||||
.Cm init | .Cm init | ||||
subcommand. | subcommand. | ||||
.It Fl T | .It Fl T | ||||
Disable TRIM/UNMAP passthru. | Disable TRIM/UNMAP passthru. | ||||
.El | .El | ||||
▲ Show 20 Lines • Show All 595 Lines • Show Last 20 Lines |
this is Dd now?