Author: gjb (doc committer) Date: Tue Jun 14 10:49:18 2011 New Revision: 223074 URL: http://svn.freebsd.org/changeset/base/223074
Log: MFC 216147 [1], 219424 [2]: 216147 by delphij [1]: - Recommend a overwrite of whole geli provider before use. - Correct a typo. 219424 by pjd [2]: - Change example wording. PR: 155385 [2] Modified: stable/8/sbin/geom/class/eli/geli.8 Directory Properties: stable/8/sbin/geom/ (props changed) stable/8/sbin/geom/class/multipath/ (props changed) stable/8/sbin/geom/class/part/ (props changed) stable/8/sbin/geom/class/sched/gsched.8 (props changed) stable/8/sbin/geom/class/stripe/ (props changed) Modified: stable/8/sbin/geom/class/eli/geli.8 ============================================================================== --- stable/8/sbin/geom/class/eli/geli.8 Tue Jun 14 07:20:16 2011 (r223073) +++ stable/8/sbin/geom/class/eli/geli.8 Tue Jun 14 10:49:18 2011 (r223074) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd October 20, 2010 +.Dd March 9, 2011 .Dt GELI 8 .Os .Sh NAME @@ -694,15 +694,17 @@ Enter passphrase: .Ed .Pp Create an encrypted provider, but use two keys: -one for your girlfriend and one for -you (so there will be no tragedy if she forgets her passphrase): +one for your employee and one for you as company's security officer +(so there is no tragedy if the employee +.Qq accidentally +forgets his passphrase): .Bd -literal -offset indent # geli init /dev/da2 -Enter new passphrase: (enter your passphrase) +Enter new passphrase: (enter security officer passphrase) Reenter new passphrase: # geli setkey -n 1 /dev/da2 -Enter passphrase: (enter your passphrase) -Enter new passphrase: (let your girlfriend enter her passphrase ...) +Enter passphrase: (enter security officer passphrase) +Enter new passphrase: (let your employee enter his passphrase ...) Reenter new passphrase: (... twice) .Ed .Pp @@ -842,7 +844,7 @@ Enter passphrase: .Nm supports two encryption modes: .Nm XTS , -which was standarized as +which was standardized as .Nm IEE P1619 and .Nm CBC @@ -873,6 +875,10 @@ changes with the data he owns without no In other words .Nm will not protect your data against replay attacks. +.Pp +It is recommended to write the whole provider before the first use, +in order to make sure that all sectors and their corresponding +checksums are properly initialized into a consistent state. .Sh SEE ALSO .Xr crypto 4 , .Xr gbde 4 , _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "[email protected]"
