Lines Matching +full:part +full:- +full:number

1 .\" Copyright (c) 2005-2019 Pawel Jakub Dawidek <pawel@dawidek.net>
34 .Bd -ragged -offset indent
42 .Bd -literal -offset indent
63 .Cm label - an alias for
77 .Cm stop - an alias for
161 .Bl -bullet -offset indent -compact
170 .Nm AES-XTS ,
171 .Nm AES-CBC ,
173 .Nm Camellia-CBC ) .
194 .%T "PKCS #5: Password-Based Cryptography Specification, Version 2.0."
204 It is fast -
206 performs simple sector-to-sector encryption.
217 Allows attaching a provider with a random, one-time Master Key,
228 .Bl -tag -width ".Cm configure"
248 .Bl -tag -width ".Fl J Ar newpassfile"
270 directory, which can be a CD-ROM disc or USB pen-drive, that can be removed
281 (all upper-case) in the file name, and it will be replaced with the provider
287 .Pa -<prov>
297 .Nm AES-XTS ,
298 .Nm AES-CBC ,
299 .Nm Camellia-CBC ,
303 .Nm AES-XTS .
312 Number of iterations to use with PKCS#5v2 when processing User Key
316 will find the number of iterations which is equal to 2 seconds of crypto work.
322 (or part of it).
325 is given as -, standard input will be used.
326 Only the first line (excluding new-line character) is taken from the given file.
334 (or part of it).
337 is given as -, standard input will be used.
345 .Bl -ohang -offset indent
346 .It Nm AES-XTS
349 .It Nm AES-CBC , Nm Camellia-CBC
397 Note that using an older version of metadata may limit the number of
413 .Bl -tag -width ".Fl j Ar passfile"
415 Do a dry-run decryption.
422 the filesystems on the providers were mounted read-only.
429 Specifies the index number of the Master Key copy to use (could be 0 or 1).
430 If the index number is not provided all keys will be tested.
433 (or part of it).
442 (or part of it).
455 Attach read-only providers.
463 .Bl -tag -width ".Fl f"
465 Force detach - detach even if the provider is open.
474 Attach the given providers with a random, one-time (ephemeral) Master Key.
478 .Bl -tag -width ".Fl a Ar sectorsize"
522 .Bl -tag -width ".Fl b"
569 subcommand, only key number 0 is initialized.
576 .Bl -tag -width ".Fl J Ar newpassfile"
578 Number of iterations to use with PKCS#5v2.
585 (or part of it).
588 (or part of it).
591 (or part of it).
594 (or part of it).
596 Specifies the index number of the Master Key copy to change (could be 0 or 1).
597 If the provider is attached and no key number is given, the key
600 and no key number is given, the first Master Key copy to be successfully
622 .Bl -tag -width ".Fl a Ar keyno"
631 Specifies the index number of the Master Key copy.
632 If the provider is attached and no key number is given, the key
634 If provider is detached (or we are operating on a backup file) the key number
641 This is absolutely a one-way command - if you do not have a metadata
648 .Bl -tag -width ".Fl a"
658 .Bl -tag -width ".Fl f"
703 .Bl -tag -width ".Fl a"
718 .Bl -tag -width ".Fl j Ar passfile"
721 or part of it.
729 or part of it.
749 .Bl -tag -width ".Fl s Ar oldsize"
787 .Bl -tag -width ".Fl v"
800 up to two, independently-encrypted copies of the Master Key.
818 The number of Data Keys used by a given provider, and the way they are
830 .Bl -tag -width indent
832 Version number of the
839 This can be set to a number between 0 and 3 inclusive.
844 Number of times a user is asked for the passphrase.
874 If set to 0, a CPU-pinned thread will be started for every active CPU.
879 When set to 1, can speed-up crypto operations by using batching.
880 Batching reduces the number of interrupts by responding to a group of
900 Enable support for unmapped I/O buffers, currently implemented only on 64-bit
911 so as to avoid creating too much thread-switching overhead.
943 .Bd -literal -offset indent
945 # geli init -s 4096 -K /mnt/pendrive/da2.key /dev/da2
948 # geli attach -k /mnt/pendrive/da2.key /dev/da2
963 .Bd -literal -offset indent
967 # geli setkey -n 1 /dev/da2
976 .Bd -literal -offset indent
978 # geli init -P -K /mnt/pendrive/keys/`hostname` /dev/ada0s1e
980 (use key number 0, so the encrypted Master Key will be re-encrypted by this)
981 # geli setkey -n 0 -k /mnt/pendrive/keys/`hostname` /dev/ada0s1e
988 .Bd -literal -offset indent
990 # geli onetime -d ada0s1b
997 using only a keyfile in one part:
998 .Bd -literal -offset indent
1003 # geli init -b -K /boot/keys/da0.key0 -K /boot/keys/da0.key1 -K /boot/keys/da0.key2 da0
1008 # geli init -b -P -K /boot/keys/da1s3a.key da1s3a
1013 .Bd -literal -offset indent
1030 .Bd -literal -offset indent
1049 .No < Va prefix No > Va _type No -like
1067 .Bd -literal -offset indent
1068 # geli init -a hmac/sha256 -s 4096 /dev/da0
1084 .Bd -literal -offset indent
1104 .Bd -literal -offset indent
1105 # gpart create -s GPT ada0
1106 # gpart add -s 1g -t freebsd-ufs -i 1 ada0
1107 # geli init -K keyfile -P ada0p1
1108 # gpart resize -s 2g -i 1 ada0
1109 # geli resize -s 1g ada0p1
1110 # geli attach -k keyfile -p ada0p1
1119 .Bd -literal -offset indent
1122 # geli init -J da0.pass0 -J da0.pass1 da0
1123 # geli attach -j da0.pass0 -j da0.pass1 da0
1133 .Bd -literal -offset indent
1134 # geli suspend -a
1137 # geli resume -p -k keyfile gpt/secret
1150 .Bd -literal -offset indent
1153 # mdconfig -t vnode -f /usr/private0
1159 .Bd -literal -offset indent
1160 mdconfig_md0="-t vnode -f /usr/private0"
1171 .Bd -literal -offset indent
1173 # geli init -K /root/private0.key -s 4096 /dev/md0
1176 # geli attach -k /root/private0.key /dev/md0
1185 .Bd -literal -offset indent
1196 .Bd -literal -offset indent
1197 # geli attach -k /root/private0.key /dev/md0
1227 If data is modified in-place or copied from one place on the disk
1264 .Bl -column -offset indent ".Sy FreeBSD" ".Sy version"