Date: Tue, 14 Jun 2011 10:50:17 +0000 (UTC) From: Glen Barber <gjb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org Subject: svn commit: r223076 - stable/7/sbin/geom/class/eli Message-ID: <201106141050.p5EAoHus031329@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: gjb (doc committer) Date: Tue Jun 14 10:50:16 2011 New Revision: 223076 URL: http://svn.freebsd.org/changeset/base/223076 Log: MFC 216147 [1], 219424 [2]: 216147 by delphij [1]: - Recommend a overwrite of whole geli provider before use. 219424 by pjd [2]: - Change example wording. PR: 155385 [2] Modified: stable/7/sbin/geom/class/eli/geli.8 Directory Properties: stable/7/sbin/geom/ (props changed) stable/7/sbin/geom/class/journal/ (props changed) stable/7/sbin/geom/class/label/ (props changed) stable/7/sbin/geom/class/part/ (props changed) stable/7/sbin/geom/class/stripe/ (props changed) stable/7/sbin/geom/misc/ (props changed) Modified: stable/7/sbin/geom/class/eli/geli.8 ============================================================================== --- stable/7/sbin/geom/class/eli/geli.8 Tue Jun 14 10:50:01 2011 (r223075) +++ stable/7/sbin/geom/class/eli/geli.8 Tue Jun 14 10:50:16 2011 (r223076) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd September 16, 2006 +.Dd March 9, 2011 .Dt GELI 8 .Os .Sh NAME @@ -543,15 +543,17 @@ Enter passphrase: .Ed .Pp Create an encrypted provider, but use two keys: -one for your girlfriend and one for -you (so there will be no tragedy if she forgets her passphrase): +one for your employee and one for you as company's security officer +(so there is no tragedy if the employee +.Qq accidentally +forgets his passphrase): .Bd -literal -offset indent # geli init /dev/da2 -Enter new passphrase: (enter your passphrase) +Enter new passphrase: (enter security officer passphrase) Reenter new passphrase: # geli setkey -n 1 /dev/da2 -Enter passphrase: (enter your passphrase) -Enter new passphrase: (let your girlfriend enter her passphrase ...) +Enter passphrase: (enter security officer passphrase) +Enter new passphrase: (let your employee enter his passphrase ...) Reenter new passphrase: (... twice) .Ed .Pp @@ -643,6 +645,10 @@ changes with the data he owns without no In other words .Nm will not protect your data against replay attacks. +.Pp +It is recommended to write the whole provider before the first use, +in order to make sure that all sectors and their corresponding +checksums are properly initialized into a consistent state. .Sh SEE ALSO .Xr crypto 4 , .Xr gbde 4 ,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201106141050.p5EAoHus031329>