Date: Sun, 13 Jan 2008 23:42:28 +0100 From: Volker <volker@vwsoft.com> To: freebsd-geom@freebsd.org Subject: geli(8) manpage Message-ID: <478A93D4.3030200@vwsoft.com>
next in thread | raw e-mail | index | archive | help
Hi!
quote from geli(8):
You are the security-person in your company. Create an encrypted
provider for use by the user, but remember that users forget their
passphrases, so back Master Key up with your own random key:
# dd if=/dev/random of=/mnt/pendrive/keys/`hostname` bs=64
count=1
# geli init -P -K /mnt/pendrive/keys/`hostname` /dev/ad0s1e
# geli backup /dev/ad0s1e /mnt/pendrive/backups/`hostname`
(use key number 0, so the encrypted Master Key by you will
be overwritten)
# geli setkey -n 0 -k /mnt/pendrive/keys/`hostname` /dev/ad0s1e
(allow the user to enter his passphrase)
Enter new passphrase:
Reenter new passphrase:
/quote
When trying this scenario, geli claims about the "setkey -n 0" command
with "geli: Missing -p flag."
All works well with the -p flag, so I guess the manpage is wrong here?
Volker
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?478A93D4.3030200>