geli.8 (213172) | geli.8 (214118) |
---|---|
1.\" Copyright (c) 2005-2010 Pawel Jakub Dawidek <pjd@FreeBSD.org> 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" | 1.\" Copyright (c) 2005-2010 Pawel Jakub Dawidek <pjd@FreeBSD.org> 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" |
25.\" $FreeBSD: head/sbin/geom/class/eli/geli.8 213172 2010-09-25 17:38:57Z pjd $ | 25.\" $FreeBSD: head/sbin/geom/class/eli/geli.8 214118 2010-10-20 20:50:55Z pjd $ |
26.\" | 26.\" |
27.Dd September 25, 2010 | 27.Dd October 20, 2010 |
28.Dt GELI 8 29.Os 30.Sh NAME 31.Nm geli 32.Nd "control utility for cryptographic GEOM class" 33.Sh SYNOPSIS 34To compile GEOM_ELI into your kernel, place the following lines in your kernel 35configuration file: --- 78 unchanged lines hidden (view full) --- 114.Ar prov 115.Ar file 116.Nm 117.Cm restore 118.Op Fl fv 119.Ar file 120.Ar prov 121.Nm | 28.Dt GELI 8 29.Os 30.Sh NAME 31.Nm geli 32.Nd "control utility for cryptographic GEOM class" 33.Sh SYNOPSIS 34To compile GEOM_ELI into your kernel, place the following lines in your kernel 35configuration file: --- 78 unchanged lines hidden (view full) --- 114.Ar prov 115.Ar file 116.Nm 117.Cm restore 118.Op Fl fv 119.Ar file 120.Ar prov 121.Nm |
122.Cm suspend 123.Op Fl v 124.Fl a | Ar prov ... 125.Nm 126.Cm resume 127.Op Fl pv 128.Op Fl j Ar passfile 129.Op Fl k Ar keyfile 130.Ar prov 131.Nm |
|
122.Cm resize 123.Op Fl v 124.Fl s Ar oldsize 125.Ar prov 126.Nm 127.Cm clear 128.Op Fl v 129.Ar prov ... --- 72 unchanged lines hidden (view full) --- 202Providers can be configured to automatically detach on last close 203(so users do not have to remember to detach providers after unmounting 204the file systems). 205.It 206Allows to attach a provider with a random, one-time key - useful for swap 207partitions and temporary file systems. 208.It 209Allows to verify data integrity (data authentication). | 132.Cm resize 133.Op Fl v 134.Fl s Ar oldsize 135.Ar prov 136.Nm 137.Cm clear 138.Op Fl v 139.Ar prov ... --- 72 unchanged lines hidden (view full) --- 212Providers can be configured to automatically detach on last close 213(so users do not have to remember to detach providers after unmounting 214the file systems). 215.It 216Allows to attach a provider with a random, one-time key - useful for swap 217partitions and temporary file systems. 218.It 219Allows to verify data integrity (data authentication). |
220.It 221Allows to suspend and resume encrypted devices. |
|
210.El 211.Pp 212The first argument to 213.Nm 214indicates an action to be performed: 215.Bl -tag -width ".Cm configure" 216.It Cm init 217Initialize provider which needs to be encrypted. --- 235 unchanged lines hidden (view full) --- 453.El 454.It Cm delkey 455Destroy (overwrite with random data) the selected key. 456If one is destroying keys for an attached provider, the provider 457will not be detached even if all keys will be destroyed. 458It can be even rescued with the 459.Cm setkey 460subcommand. | 222.El 223.Pp 224The first argument to 225.Nm 226indicates an action to be performed: 227.Bl -tag -width ".Cm configure" 228.It Cm init 229Initialize provider which needs to be encrypted. --- 235 unchanged lines hidden (view full) --- 465.El 466.It Cm delkey 467Destroy (overwrite with random data) the selected key. 468If one is destroying keys for an attached provider, the provider 469will not be detached even if all keys will be destroyed. 470It can be even rescued with the 471.Cm setkey 472subcommand. |
473.Pp 474Additional options include: |
|
461.Bl -tag -width ".Fl a Ar keyno" 462.It Fl a 463Destroy all keys (does not need 464.Fl f 465option). 466.It Fl f 467Force key destruction. 468This option is needed to destroy the last key. --- 8 unchanged lines hidden (view full) --- 477This command should be used in emergency situations. 478It will destroy all keys on the given provider and will detach it forcibly 479(if it is attached). 480This is absolutely a one-way command - if you do not have a metadata 481backup, your data is gone for good. 482In case the provider was attached with the 483.Fl r 484flag, the keys will not be destroyed, only the provider will be detached. | 475.Bl -tag -width ".Fl a Ar keyno" 476.It Fl a 477Destroy all keys (does not need 478.Fl f 479option). 480.It Fl f 481Force key destruction. 482This option is needed to destroy the last key. --- 8 unchanged lines hidden (view full) --- 491This command should be used in emergency situations. 492It will destroy all keys on the given provider and will detach it forcibly 493(if it is attached). 494This is absolutely a one-way command - if you do not have a metadata 495backup, your data is gone for good. 496In case the provider was attached with the 497.Fl r 498flag, the keys will not be destroyed, only the provider will be detached. |
499.Pp 500Additional options include: |
|
485.Bl -tag -width ".Fl a" 486.It Fl a 487If specified, all currently attached providers will be killed. 488.El 489.It Cm backup 490Backup metadata from the given provider to the given file. 491.It Cm restore 492Restore metadata from the given file to the given provider. | 501.Bl -tag -width ".Fl a" 502.It Fl a 503If specified, all currently attached providers will be killed. 504.El 505.It Cm backup 506Backup metadata from the given provider to the given file. 507.It Cm restore 508Restore metadata from the given file to the given provider. |
509.Pp 510Additional options include: |
|
493.Bl -tag -width ".Fl f" 494.It Fl f 495Metadata contains the size of the provider to ensure that the correct 496partition or slice is attached. 497If an attempt is made to restore metadata to a provider that has a different 498size, 499.Nm 500will refuse to restore the data unless the 501.Fl f 502switch is used. 503If the partition or slice has been grown, the 504.Cm resize 505subcommand should be used rather than attempting to relocate the metadata 506through 507.Cm backup 508and 509.Cm restore . 510.El | 511.Bl -tag -width ".Fl f" 512.It Fl f 513Metadata contains the size of the provider to ensure that the correct 514partition or slice is attached. 515If an attempt is made to restore metadata to a provider that has a different 516size, 517.Nm 518will refuse to restore the data unless the 519.Fl f 520switch is used. 521If the partition or slice has been grown, the 522.Cm resize 523subcommand should be used rather than attempting to relocate the metadata 524through 525.Cm backup 526and 527.Cm restore . 528.El |
529.It Cm suspend 530Suspend device by waiting for all inflight request to finish, clearing all 531sensitive informations (like keys) from the kernel memory and blocking all 532further I/O requests until the 533.Cm resume 534subcommand is executed. 535This functionality is useful for eg. laptops - when one wants to suspend a 536laptop, one does not want to leave encrypted device attached. 537Instead of closing all files and directories opened from a file system placed 538on an encrypted device, unmounting the file system and detaching the device, 539the 540.Cm suspend 541subcommand can be used. 542Any access to the encrypted device will be blocked until the keys are 543recovered through 544.Cm resume 545subcommand, thus there is no need to close nor unmount anything. 546The 547.Cm suspend 548subcommand does not work with devices created with the 549.Cm onetime 550subcommand. 551Please note that sensitive data might still be present in memory after 552suspending encrypted device, because of file system cache, etc. 553.Pp 554Additional options include: 555.Bl -tag -width ".Fl a" 556.It Fl a 557Suspend all 558.Nm 559devices. 560.El 561.It Cm resume 562Resume previously suspended device. 563The caller must ensure that executing this subcommand won't try to access 564suspended device, which will lead to a deadlock. 565For example suspending device, which contains file system where the 566.Nm 567utility is stored is bad idea. 568.Pp 569Additional options include: 570.Bl -tag -width ".Fl j Ar passfile" 571.It Fl j Ar passfile 572Specifies a file which contains the passphrase or its part. 573For more information see the description of the 574.Fl J 575option for the 576.Cm init 577subcommand. 578.It Fl k Ar keyfile 579Specifies a file which contains part of the key. 580For more information see the description of the 581.Fl K 582option for the 583.Cm init 584subcommand. 585.It Fl p 586Do not use passphrase as the key component. 587.El |
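Review bot: the deadlock warning at lines 563-567 is filed under resume, but the mistake it describes is made at suspend time, and the new -a option (lines 555-560) makes it easy to make: "Suspend all geli devices" will include the provider holding the root file system or /sbin/geli if that is encrypted, after which resume cannot even be executed. Suggest repeating the caveat under suspend, next to -a, along the lines of "Do not suspend the provider that holds the file system containing the geli utility; resume will not be able to run." The caveat at lines 551-552 also understates the security consequence: since plaintext remains in the file system cache, suspend only removes the keys, not cached data, so it is not a substitute for detach against an attacker who can read memory; the sentence should say so plainly. Wording nits in the same hunk: "all inflight request" should be "all in-flight requests", "sensitive informations" should be "sensitive information", "eg." should be "e.g.", "won't" should be "will not" (mdoc prose elsewhere avoids contractions), and "is bad idea" should be "is a bad idea".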
|
511.It Cm resize 512Inform 513.Nm 514that the provider has been resized. 515The old metadata block is relocated to the correct position at the end of the 516provider and the provider size is updated. | 588.It Cm resize 589Inform 590.Nm 591that the provider has been resized. 592The old metadata block is relocated to the correct position at the end of the 593provider and the provider size is updated. |
594.Pp 595Additional options include: |
|
517.Bl -tag -width ".Fl s Ar oldsize" 518.It Fl s Ar oldsize 519The size of the provider before it was resized. 520.El 521.It Cm clear 522Clear metadata from the given providers. 523.It Cm dump 524Dump metadata stored on the given providers. --- 216 unchanged lines hidden (view full) --- 741# echo foo > da0.pass0 742# echo bar > da0.pass1 743# geli init -J da0.pass0 -J da0.pass1 da0 744# geli attach -j da0.pass0 -j da0.pass1 da0 745# geli detach da0 746# geli attach da0 747Enter passphrase: foobar 748.Ed | 596.Bl -tag -width ".Fl s Ar oldsize" 597.It Fl s Ar oldsize 598The size of the provider before it was resized. 599.El 600.It Cm clear 601Clear metadata from the given providers. 602.It Cm dump 603Dump metadata stored on the given providers. --- 216 unchanged lines hidden (view full) --- 820# echo foo > da0.pass0 821# echo bar > da0.pass1 822# geli init -J da0.pass0 -J da0.pass1 da0 823# geli attach -j da0.pass0 -j da0.pass1 da0 824# geli detach da0 825# geli attach da0 826Enter passphrase: foobar 827.Ed |
828.Pp 829Suspend all 830.Nm 831devices, suspend a laptop, then resume devices one by one after resuming a 832laptop: 833.Bd -literal -offset indent 834# geli suspend -a 835# zzz 836<resume your laptop> 837# geli resume -p -k keyfile gpt/secret 838# geli resume gpt/private 839Enter passphrase: 840.Ed |
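Review bot: the example runs "geli suspend -a" and then "zzz", which only works if neither the root file system nor the file systems holding geli(8) and zzz(8) are on geli providers; otherwise the second command cannot be loaded from the suspended device and the system deadlocks, exactly the failure the resume description warns about. Suggest either suspending the named providers explicitly ("geli suspend gpt/secret gpt/private") so the example matches the two resume lines, or adding a sentence before the block noting that -a must not be used when the root file system is encrypted.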
|
749.Sh ENCRYPTION MODES 750.Nm 751supports two encryption modes: 752.Nm XTS , 753which was standarized as 754.Nm IEE P1619 755and 756.Nm CBC --- 46 unchanged lines hidden --- | 841.Sh ENCRYPTION MODES 842.Nm 843supports two encryption modes: 844.Nm XTS , 845which was standarized as 846.Nm IEE P1619 847and 848.Nm CBC --- 46 unchanged lines hidden --- |