geli.8 (0269ae4c19ad779b43b0d6e2416ac7386945d692) geli.8 (9168ef5be39f5da8e4f562279895e5dd57bfe376)
1.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek <pawel@dawidek.net>
2.\" All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\" notice, this list of conditions and the following disclaimer.

--- 10 unchanged lines hidden (view full) ---

19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.\" $FreeBSD$
26.\"
1.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek <pawel@dawidek.net>
2.\" All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\" notice, this list of conditions and the following disclaimer.

--- 10 unchanged lines hidden (view full) ---

19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.\" $FreeBSD$
26.\"
27.Dd May 23, 2019
27.Dd March 19, 2020
28.Dt GELI 8
29.Os
30.Sh NAME
31.Nm geli
32.Nd "control utility for the cryptographic GEOM class"
33.Sh SYNOPSIS
34To compile GEOM_ELI into your kernel, add the following lines to your kernel
35configuration file:

--- 972 unchanged lines hidden (view full) ---

1008.Pp
1009If there is only one keyfile, the index might be omitted:
1010.Bd -literal -offset indent
1011geli_da1s3a_keyfile_load="YES"
1012geli_da1s3a_keyfile_type="da1s3a:geli_keyfile"
1013geli_da1s3a_keyfile_name="/boot/keys/da1s3a.key"
1014.Ed
1015.Pp
28.Dt GELI 8
29.Os
30.Sh NAME
31.Nm geli
32.Nd "control utility for the cryptographic GEOM class"
33.Sh SYNOPSIS
34To compile GEOM_ELI into your kernel, add the following lines to your kernel
35configuration file:

--- 972 unchanged lines hidden (view full) ---

1008.Pp
1009If there is only one keyfile, the index might be omitted:
1010.Bd -literal -offset indent
1011geli_da1s3a_keyfile_load="YES"
1012geli_da1s3a_keyfile_type="da1s3a:geli_keyfile"
1013geli_da1s3a_keyfile_name="/boot/keys/da1s3a.key"
1014.Ed
1015.Pp
1016By convention, these loader variables are called
1017.Sm off
1018.Va geli_ No < Ar device No > Va _load .
1019.Sm on
1020However, the actual name prefix before
1021.Va _load , _type ,
1022or
1023.Va _name
1024does not matter.
1025At boot time, the
1026.Nm
1027module searches through all
1028.Sm off
1029.No < Va prefix No > Va _type No -like
1030.Sm on
1031variables that have a value of
1032.Sm off
1033.Dq < Ar device No > :geli_keyfile .
1034.Sm on
1035The paths to keyfiles are then extracted from
1036.Sm off
1037.No < Ar prefix No > Va _name
1038.Sm on
1039variables.
1040In the example above,
1041.Ar prefix
1042is
1043.Dq Li geli_da1s3a_keyfile .
1044.Pp
1016Not only configure encryption, but also data integrity verification using
1017.Nm HMAC/SHA256 .
1018.Bd -literal -offset indent
1019# geli init -a hmac/sha256 -s 4096 /dev/da0
1020Enter new passphrase:
1021Reenter new passphrase:
1022# geli attach /dev/da0
1023Enter passphrase:

--- 157 unchanged lines hidden --- 		1045Not only configure encryption, but also data integrity verification using
1046.Nm HMAC/SHA256 .
1047.Bd -literal -offset indent
1048# geli init -a hmac/sha256 -s 4096 /dev/da0
1049Enter new passphrase:
1050Reenter new passphrase:
1051# geli attach /dev/da0
1052Enter passphrase:

--- 157 unchanged lines hidden ---