| geli.8 (fcc9702f059c4d3cc75de91247580d5a1d7bdb43) | geli.8 (9af25ea3bb5e84846eeb9f39a064bd0a31851cb6) |
|---|---|
| 1.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek <pawel@dawidek.net> 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" | 1.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek <pawel@dawidek.net> 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 10 unchanged lines hidden (view full) --- 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" |
| 27.Dd July 20, 2020 | 27.Dd July 22, 2020 |
| 28.Dt GELI 8 29.Os 30.Sh NAME 31.Nm geli 32.Nd "control utility for the cryptographic GEOM class" 33.Sh SYNOPSIS 34To compile GEOM_ELI into your kernel, add the following lines to your kernel 35configuration file: --- 1089 unchanged lines hidden (view full) --- 1125for example. 1126This key should be protected by a passphrase, which 1127is requested when geli init is called. 1128.Bd -literal -offset indent 1129# dd if=/dev/random of=/root/private0.key bs=64 count=1 1130# geli init -K /root/private0.key -s 4096 /dev/md0 1131Enter new passphrase: 1132Reenter new passphrase: | 28.Dt GELI 8 29.Os 30.Sh NAME 31.Nm geli 32.Nd "control utility for the cryptographic GEOM class" 33.Sh SYNOPSIS 34To compile GEOM_ELI into your kernel, add the following lines to your kernel 35configuration file: --- 1089 unchanged lines hidden (view full) --- 1125for example. 1126This key should be protected by a passphrase, which 1127is requested when geli init is called. 1128.Bd -literal -offset indent 1129# dd if=/dev/random of=/root/private0.key bs=64 count=1 1130# geli init -K /root/private0.key -s 4096 /dev/md0 1131Enter new passphrase: 1132Reenter new passphrase: |
| 1133# geli attach -k /root/private0.key /dev/md0 1134Enter passphrase: |
|
| 1133# dd if=/dev/random of=/dev/md0.eli bs=1m 1134.Ed 1135.Pp 1136Once the initialization of the 1137.Pa /dev/md0.eli 1138device is ready create a UFS filesystem and mount it for example in 1139.Pa /private . 1140.Bd -literal -offset indent --- 4 unchanged lines hidden (view full) --- 1145After a system reboot the 1146.Nm 1147device can be mounted again with the following commands. 1148The call of geli attach will ask for the passphrase. 1149It is recommended to do this procedure after the boot, because otherwise 1150the boot process would be waiting for the passphrase input. 1151.Bd -literal -offset indent 1152# geli attach -k /root/private0.key /dev/md0 | 1135# dd if=/dev/random of=/dev/md0.eli bs=1m 1136.Ed 1137.Pp 1138Once the initialization of the 1139.Pa /dev/md0.eli 1140device is ready create a UFS filesystem and mount it for example in 1141.Pa /private . 1142.Bd -literal -offset indent --- 4 unchanged lines hidden (view full) --- 1147After a system reboot the 1148.Nm 1149device can be mounted again with the following commands. 1150The call of geli attach will ask for the passphrase. 1151It is recommended to do this procedure after the boot, because otherwise 1152the boot process would be waiting for the passphrase input. 1153.Bd -literal -offset indent 1154# geli attach -k /root/private0.key /dev/md0 |
| 1153Enter new passphrase: | 1155Enter passphrase: |
| 1154# mount /dev/md0.eli /private 1155.Ed 1156.Sh ENCRYPTION MODES 1157.Nm 1158supports two encryption modes: 1159.Nm XTS , 1160which was standardized as 1161.Nm IEEE P1619 --- 85 unchanged lines hidden --- | 1156# mount /dev/md0.eli /private 1157.Ed 1158.Sh ENCRYPTION MODES 1159.Nm 1160supports two encryption modes: 1161.Nm XTS , 1162which was standardized as 1163.Nm IEEE P1619 --- 85 unchanged lines hidden --- |