| geli.8 (212846) | geli.8 (212934) |
|---|---|
| 1.\" Copyright (c) 2005-2008 Pawel Jakub Dawidek <pjd@FreeBSD.org> 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" | 1.\" Copyright (c) 2005-2008 Pawel Jakub Dawidek <pjd@FreeBSD.org> 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" |
| 25.\" $FreeBSD: head/sbin/geom/class/eli/geli.8 212846 2010-09-19 10:51:55Z pjd $ | 25.\" $FreeBSD: head/sbin/geom/class/eli/geli.8 212934 2010-09-20 22:04:59Z brian $ |
| 26.\" | 26.\" |
| 27.Dd August 29, 2008 | 27.Dd September 20, 2010 |
| 28.Dt GELI 8 29.Os 30.Sh NAME 31.Nm geli 32.Nd "control utility for cryptographic GEOM class" 33.Sh SYNOPSIS 34To compile GEOM_ELI into your kernel, place the following lines in your kernel 35configuration file: --- 70 unchanged lines hidden (view full) --- 106.Op Ar prov ... 107.Nm 108.Cm backup 109.Op Fl v 110.Ar prov 111.Ar file 112.Nm 113.Cm restore | 28.Dt GELI 8 29.Os 30.Sh NAME 31.Nm geli 32.Nd "control utility for cryptographic GEOM class" 33.Sh SYNOPSIS 34To compile GEOM_ELI into your kernel, place the following lines in your kernel 35configuration file: --- 70 unchanged lines hidden (view full) --- 106.Op Ar prov ... 107.Nm 108.Cm backup 109.Op Fl v 110.Ar prov 111.Ar file 112.Nm 113.Cm restore |
| 114.Op Fl v | 114.Op Fl fv |
| 115.Ar file 116.Ar prov 117.Nm | 115.Ar file 116.Ar prov 117.Nm |
| 118.Cm resize 119.Op Fl v 120.Fl s Ar oldsize 121.Ar prov 122.Nm |
|
| 118.Cm clear 119.Op Fl v 120.Ar prov ... 121.Nm 122.Cm dump 123.Op Fl v 124.Ar prov ... 125.Nm --- 333 unchanged lines hidden (view full) --- 459.Bl -tag -width ".Fl a" 460.It Fl a 461If specified, all currently attached providers will be killed. 462.El 463.It Cm backup 464Backup metadata from the given provider to the given file. 465.It Cm restore 466Restore metadata from the given file to the given provider. | 123.Cm clear 124.Op Fl v 125.Ar prov ... 126.Nm 127.Cm dump 128.Op Fl v 129.Ar prov ... 130.Nm --- 333 unchanged lines hidden (view full) --- 464.Bl -tag -width ".Fl a" 465.It Fl a 466If specified, all currently attached providers will be killed. 467.El 468.It Cm backup 469Backup metadata from the given provider to the given file. 470.It Cm restore 471Restore metadata from the given file to the given provider. |
| 472.Bl -tag -width ".Fl f" 473.It Fl f 474Metadata contains the size of the provider to ensure that the correct 475partition or slice is attached. 476If an attempt is made to restore metadata to a provider that has a different 477size, 478.Nm 479will refuse to restore the data unless the 480.Fl f 481switch is used. 482If the partition or slice has been grown, the 483.Cm resize 484subcommand should be used rather than attempting to relocate the metadata 485through 486.Cm backup 487and 488.Cm restore . 489.El 490.It Cm resize 491Inform 492.Nm 493that the provider has been resized. 494The old metadata block is relocated to the correct position at the end of the 495provider and the provider size is updated. 496.Bl -tag -width ".Fl s Ar oldsize" 497.It Fl s Ar oldsize 498The size of the provider before it was resized. 499.El |
|
| 467.It Cm clear 468Clear metadata from the given providers. 469.It Cm dump 470Dump metadata stored on the given providers. 471.It Cm list 472See 473.Xr geom 8 . 474.It Cm status --- 185 unchanged lines hidden (view full) --- 660 661# geli clear /dev/da0 662# geli attach /dev/da0 663geli: Cannot read metadata from /dev/da0: Invalid argument. 664# geli restore /var/backups/da0.eli /dev/da0 665# geli attach /dev/da0 666Enter passphrase: 667.Ed | 500.It Cm clear 501Clear metadata from the given providers. 502.It Cm dump 503Dump metadata stored on the given providers. 504.It Cm list 505See 506.Xr geom 8 . 507.It Cm status --- 185 unchanged lines hidden (view full) --- 693 694# geli clear /dev/da0 695# geli attach /dev/da0 696geli: Cannot read metadata from /dev/da0: Invalid argument. 697# geli restore /var/backups/da0.eli /dev/da0 698# geli attach /dev/da0 699Enter passphrase: 700.Ed |
| 701.Pp 702If an encrypted filesystem is extended, it is necessary to relocate and 703update the metadata: 704.Bd -literal -offset indent 705# gpart create -s GPT ada0 706# gpart add -s 1g -t freebsd-ufs -i 1 ada0 707# geli init -K keyfile -P ada0p1 708# gpart resize -s 2g -i 1 ada0 709# geli resize -s 1g ada0p1 710# geli attach -k keyfile -p ada0p1 711.Ed |
|
| 668.Sh DATA AUTHENTICATION 669.Nm 670can verify data integrity when an authentication algorithm is specified. 671When data corruption/modification is detected, 672.Nm 673will not return any data, but instead will return an error 674.Pq Er EINVAL . 675The offset and size of the corrupted data will be printed on the console. --- 31 unchanged lines hidden --- | 712.Sh DATA AUTHENTICATION 713.Nm 714can verify data integrity when an authentication algorithm is specified. 715When data corruption/modification is detected, 716.Nm 717will not return any data, but instead will return an error 718.Pq Er EINVAL . 719The offset and size of the corrupted data will be printed on the console. --- 31 unchanged lines hidden --- |