Date: Thu, 2 Jan 2020 22:43:32 +0000 From: RW <rwmaillists@googlemail.com> To: freebsd-hackers@freebsd.org Subject: Re: geli - changing keyfile Message-ID: <20200102224332.50eabafb@gumby.homeunix.com> In-Reply-To: <alpine.BSF.2.20.2001021906280.95747@puchar.net> References: <alpine.BSF.2.20.2001021906280.95747@puchar.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2 Jan 2020 19:07:44 +0100 (CET) Wojciech Puchar wrote: > i probably cannot properly read manuals but still not sure how to do > that. > > i have geli encrypted volume with keyfile only - no password > created by geli init -s 4096 -P -K <somefile> > > now i want to change the key file to <someotherfile>. still no > password. I've never had cause to do this, but it would be done with geli setkey. Note that if an attacker has a copy of either the geli metadata sector or a geli metadata back-up file, the old key-file can still be used to access your data.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200102224332.50eabafb>