Differential D20344 Diff 57809 head/lib/geom/eli/geli.8

Changeset View

Standalone View

head/lib/geom/eli/geli.8

	Show All 18 Lines
	.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)			.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT			.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY			.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF			.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	.\" SUCH DAMAGE.			.\" SUCH DAMAGE.
	.\"			.\"
	.\" $FreeBSD$			.\" $FreeBSD$
	.\"			.\"
	.Dd April 3, 2019			.Dd May 23, 2019
	.Dt GELI 8			.Dt GELI 8
	.Os			.Os
	.Sh NAME			.Sh NAME
	.Nm geli			.Nm geli
	.Nd "control utility for the cryptographic GEOM class"			.Nd "control utility for the cryptographic GEOM class"
	.Sh SYNOPSIS			.Sh SYNOPSIS
	To compile GEOM_ELI into your kernel, add the following lines to your kernel			To compile GEOM_ELI into your kernel, add the following lines to your kernel
	configuration file:			configuration file:
	▲ Show 20 Lines • Show All 860 Lines • ▼ Show 20 Lines
	.It Va kern.geom.eli.key_cache_misses			.It Va kern.geom.eli.key_cache_misses
	Reports how many times we were looking up a Data Key and it was not in cache.			Reports how many times we were looking up a Data Key and it was not in cache.
	This sysctl is not updated for providers that need fewer Data Keys than the limit			This sysctl is not updated for providers that need fewer Data Keys than the limit
	specified in			specified in
	.Va kern.geom.eli.key_cache_limit .			.Va kern.geom.eli.key_cache_limit .
	.El			.El
	.Sh EXIT STATUS			.Sh EXIT STATUS
	Exit status is 0 on success, and 1 if the command fails.			Exit status is 0 on success, and 1 if the command fails.
				.Sh DEPRECATION NOTICE
				Support for the
				.Nm Blowfish-CBC
				and
				.Nm 3DES-CBC
				cryptographic algorithms and
				.Nm HMAC/MD5
				authentication algorithm will be removed in
				.Fx 13.0 .
				New volumes cannot be created using these algorithms.
				Existing volumes should be migrated to a new volume that uses
				non-deprecated algorithms.
	.Sh EXAMPLES			.Sh EXAMPLES
	Initialize a provider which is going to be encrypted with a			Initialize a provider which is going to be encrypted with a
	passphrase and random data from a file on the user's pen drive.			passphrase and random data from a file on the user's pen drive.
	Use 4kB sector size.			Use 4kB sector size.
	Attach the provider, create a filesystem, and mount it.			Attach the provider, create a filesystem, and mount it.
	Do the work.			Do the work.
	Unmount the provider and detach it:			Unmount the provider and detach it:
	.Bd -literal -offset indent			.Bd -literal -offset indent
	▲ Show 20 Lines • Show All 217 Lines • ▼ Show 20 Lines
	.Xr crypto 9			.Xr crypto 9
	.Sh HISTORY			.Sh HISTORY
	The			The
	.Nm			.Nm
	utility appeared in			utility appeared in
	.Fx 6.0 .			.Fx 6.0 .
	Support for the			Support for the
	.Nm Camellia			.Nm Camellia
	block cipher is implemented by Yoshisato Yanagisawa in			block cipher was implemented by Yoshisato Yanagisawa in
	.Fx 7.0 .			.Fx 7.0 .
	.Pp			.Pp
	Highest			Highest
	.Nm GELI			.Nm GELI
	metadata version supported by the given FreeBSD version:			metadata version supported by the given FreeBSD version:
	.Bl -column -offset indent ".Sy FreeBSD" ".Sy version"			.Bl -column -offset indent ".Sy FreeBSD" ".Sy version"
	.It Sy FreeBSD Ta Sy GELI			.It Sy FreeBSD Ta Sy GELI
	.It Sy version Ta Sy version			.It Sy version Ta Sy version
	Show All 23 Lines