Changeset View
Changeset View
Standalone View
Standalone View
sbin/geom/class/eli/geli.8
| Show All 18 Lines | |||||
| .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||||
| .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||||
| .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||||
| .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||||
| .\" SUCH DAMAGE. | .\" SUCH DAMAGE. | ||||
| .\" | .\" | ||||
| .\" $FreeBSD$ | .\" $FreeBSD$ | ||||
| .\" | .\" | ||||
| .Dd August 3, 2016 | .Dd July 27, 2017 | ||||
| .Dt GELI 8 | .Dt GELI 8 | ||||
| .Os | .Os | ||||
| .Sh NAME | .Sh NAME | ||||
| .Nm geli | .Nm geli | ||||
| .Nd "control utility for the cryptographic GEOM class" | .Nd "control utility for the cryptographic GEOM class" | ||||
| .Sh SYNOPSIS | .Sh SYNOPSIS | ||||
| To compile GEOM_ELI into your kernel, add the following lines to your kernel | To compile GEOM_ELI into your kernel, add the following lines to your kernel | ||||
| configuration file: | configuration file: | ||||
| Show All 10 Lines | |||||
| .Ed | .Ed | ||||
| .Pp | .Pp | ||||
| Usage of the | Usage of the | ||||
| .Nm | .Nm | ||||
| utility: | utility: | ||||
| .Pp | .Pp | ||||
| .Nm | .Nm | ||||
| .Cm init | .Cm init | ||||
| .Op Fl bgPTv | .Op Fl bghPTv | ||||
| .Op Fl a Ar aalgo | .Op Fl a Ar aalgo | ||||
| .Op Fl B Ar backupfile | .Op Fl B Ar backupfile | ||||
| .Op Fl e Ar ealgo | .Op Fl e Ar ealgo | ||||
| .Op Fl i Ar iterations | .Op Fl i Ar iterations | ||||
| .Op Fl J Ar newpassfile | .Op Fl J Ar newpassfile | ||||
| .Op Fl K Ar newkeyfile | .Op Fl K Ar newkeyfile | ||||
| .Op Fl l Ar keylen | .Op Fl l Ar keylen | ||||
| .Op Fl s Ar sectorsize | .Op Fl s Ar sectorsize | ||||
| Show All 20 Lines | |||||
| .Op Fl dT | .Op Fl dT | ||||
| .Op Fl a Ar aalgo | .Op Fl a Ar aalgo | ||||
| .Op Fl e Ar ealgo | .Op Fl e Ar ealgo | ||||
| .Op Fl l Ar keylen | .Op Fl l Ar keylen | ||||
| .Op Fl s Ar sectorsize | .Op Fl s Ar sectorsize | ||||
| .Ar prov | .Ar prov | ||||
| .Nm | .Nm | ||||
| .Cm configure | .Cm configure | ||||
| .Op Fl bBgGtT | .Op Fl bBgGHhtT | ||||
allanjude: this is Dd now? | |||||
| .Ar prov ... | .Ar prov ... | ||||
| .Nm | .Nm | ||||
| .Cm setkey | .Cm setkey | ||||
| .Op Fl pPv | .Op Fl pPv | ||||
| .Op Fl i Ar iterations | .Op Fl i Ar iterations | ||||
| .Op Fl j Ar passfile | .Op Fl j Ar passfile | ||||
| .Op Fl J Ar newpassfile | .Op Fl J Ar newpassfile | ||||
| .Op Fl k Ar keyfile | .Op Fl k Ar keyfile | ||||
| ▲ Show 20 Lines • Show All 191 Lines • ▼ Show 20 Lines | |||||
| .Nm NULL . | .Nm NULL . | ||||
| The default and recommended algorithm is | The default and recommended algorithm is | ||||
| .Nm AES-XTS . | .Nm AES-XTS . | ||||
| .Nm NULL | .Nm NULL | ||||
| is unencrypted. | is unencrypted. | ||||
| .It Fl g | .It Fl g | ||||
| Enable booting from this encrypted root filesystem. | Enable booting from this encrypted root filesystem. | ||||
| The boot loader prompts for the passphrase and loads | The boot loader prompts for the passphrase and loads | ||||
| .It Fl h | |||||
allanjudeUnsubmitted Not Done Inline Actionsif this is the default, then should init only have the option to disable it? Or at least have both? allanjude: if this is the default, then should init only have the option to disable it? Or at least have… | |||||
| While booting from this encrypted root filesystem disable visibility of | |||||
| passphrase length. | |||||
| .Xr loader 8 | .Xr loader 8 | ||||
| from the encrypted partition. | from the encrypted partition. | ||||
| .It Fl i Ar iterations | .It Fl i Ar iterations | ||||
| Number of iterations to use with PKCS#5v2 when processing User Key | Number of iterations to use with PKCS#5v2 when processing User Key | ||||
| passphrase component. | passphrase component. | ||||
| If this option is not specified, | If this option is not specified, | ||||
| .Nm | .Nm | ||||
| will find the number of iterations which is equal to 2 seconds of crypto work. | will find the number of iterations which is equal to 2 seconds of crypto work. | ||||
| ▲ Show 20 Lines • Show All 185 Lines • ▼ Show 20 Lines | |||||
| Remove the BOOT flag from the given providers. | Remove the BOOT flag from the given providers. | ||||
| .It Fl g | .It Fl g | ||||
| Enable booting from this encrypted root filesystem. | Enable booting from this encrypted root filesystem. | ||||
| The boot loader prompts for the passphrase and loads | The boot loader prompts for the passphrase and loads | ||||
| .Xr loader 8 | .Xr loader 8 | ||||
| from the encrypted partition. | from the encrypted partition. | ||||
| .It Fl G | .It Fl G | ||||
| Deactivate booting from this encrypted root partition. | Deactivate booting from this encrypted root partition. | ||||
| .It Fl h | |||||
| While booting from this encrypted root filesystem disable visibility of | |||||
| passphrase length. | |||||
| .It Fl H | |||||
allanjudeUnsubmitted Not Done Inline Actionsmaybe example on this to to mention printing of * characters allanjude: maybe example on this to to mention printing of * characters | |||||
| While booting from this encrypted root filesystem enable visibility of | |||||
| passphrase length. | |||||
| .It Fl t | .It Fl t | ||||
| Enable TRIM/UNMAP passthru. | Enable TRIM/UNMAP passthru. | ||||
| For more information, see the description of the | For more information, see the description of the | ||||
| .Cm init | .Cm init | ||||
| subcommand. | subcommand. | ||||
| .It Fl T | .It Fl T | ||||
| Disable TRIM/UNMAP passthru. | Disable TRIM/UNMAP passthru. | ||||
| .El | .El | ||||
| ▲ Show 20 Lines • Show All 595 Lines • Show Last 20 Lines | |||||
this is Dd now?