From owner-svn-src-stable@FreeBSD.ORG Tue Jun 14 10:49:18 2011 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 85F5B106564A; Tue, 14 Jun 2011 10:49:18 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 5CC378FC0C; Tue, 14 Jun 2011 10:49:18 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p5EAnINr031221; Tue, 14 Jun 2011 10:49:18 GMT (envelope-from gjb@svn.freebsd.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p5EAnINI031219; Tue, 14 Jun 2011 10:49:18 GMT (envelope-from gjb@svn.freebsd.org) Message-Id: <201106141049.p5EAnINI031219@svn.freebsd.org> From: Glen Barber Date: Tue, 14 Jun 2011 10:49:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223074 - in stable/8/sbin/geom/class: eli sched X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2011 10:49:18 -0000 Author: gjb (doc committer) Date: Tue Jun 14 10:49:18 2011 New Revision: 223074 URL: http://svn.freebsd.org/changeset/base/223074 Log: MFC 216147 [1], 219424 [2]: 216147 by delphij [1]: - Recommend a overwrite of whole geli provider before use. - Correct a typo. 219424 by pjd [2]: - Change example wording. PR: 155385 [2] Modified: stable/8/sbin/geom/class/eli/geli.8 Directory Properties: stable/8/sbin/geom/ (props changed) stable/8/sbin/geom/class/multipath/ (props changed) stable/8/sbin/geom/class/part/ (props changed) stable/8/sbin/geom/class/sched/gsched.8 (props changed) stable/8/sbin/geom/class/stripe/ (props changed) Modified: stable/8/sbin/geom/class/eli/geli.8 ============================================================================== --- stable/8/sbin/geom/class/eli/geli.8 Tue Jun 14 07:20:16 2011 (r223073) +++ stable/8/sbin/geom/class/eli/geli.8 Tue Jun 14 10:49:18 2011 (r223074) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd October 20, 2010 +.Dd March 9, 2011 .Dt GELI 8 .Os .Sh NAME @@ -694,15 +694,17 @@ Enter passphrase: .Ed .Pp Create an encrypted provider, but use two keys: -one for your girlfriend and one for -you (so there will be no tragedy if she forgets her passphrase): +one for your employee and one for you as company's security officer +(so there is no tragedy if the employee +.Qq accidentally +forgets his passphrase): .Bd -literal -offset indent # geli init /dev/da2 -Enter new passphrase: (enter your passphrase) +Enter new passphrase: (enter security officer passphrase) Reenter new passphrase: # geli setkey -n 1 /dev/da2 -Enter passphrase: (enter your passphrase) -Enter new passphrase: (let your girlfriend enter her passphrase ...) +Enter passphrase: (enter security officer passphrase) +Enter new passphrase: (let your employee enter his passphrase ...) Reenter new passphrase: (... twice) .Ed .Pp @@ -842,7 +844,7 @@ Enter passphrase: .Nm supports two encryption modes: .Nm XTS , -which was standarized as +which was standardized as .Nm IEE P1619 and .Nm CBC @@ -873,6 +875,10 @@ changes with the data he owns without no In other words .Nm will not protect your data against replay attacks. +.Pp +It is recommended to write the whole provider before the first use, +in order to make sure that all sectors and their corresponding +checksums are properly initialized into a consistent state. .Sh SEE ALSO .Xr crypto 4 , .Xr gbde 4 ,