Loading...

freebsd-geom@freebsd.org

[Prev] Thread [Next]  |  [Prev] Date [Next]

geli(8) manpage Volker Thu Apr 10 00:09:47 2008

Hi!

quote from geli(8):

You are the security-person in your company.  Create an encrypted
provider for use by the user, but remember that users forget their
passphrases, so back Master Key up with your own random key:

           # dd if=/dev/random of=/mnt/pendrive/keys/`hostname` bs=64
count=1
           # geli init -P -K /mnt/pendrive/keys/`hostname` /dev/ad0s1e
           # geli backup /dev/ad0s1e /mnt/pendrive/backups/`hostname`
           (use key number 0, so the encrypted Master Key by you will
be overwritten)
           # geli setkey -n 0 -k /mnt/pendrive/keys/`hostname` /dev/ad0s1e
           (allow the user to enter his passphrase)
           Enter new passphrase:
           Reenter new passphrase:
/quote

When trying this scenario, geli claims about the "setkey -n 0" command
with "geli: Missing -p flag."

All works well with the -p flag, so I guess the manpage is wrong here?


Volker
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-geom
To unsubscribe, send any mail to "[EMAIL PROTECTED]"