On Sun, Sep 12, 2010 at 12:22:25PM -0700, Chris Palmer wrote:
> I recently set up a CRYPTO volume with softraid(4) and enjoyed it. Thanks!
>
> Here are some hopefully-clarifying diffs to the man pages.
>
feedback from softraid people please...
>
> --- bioctl.8.orig Sat Sep 11 19:55:27 2010
> +++ bioctl.8 Sun Sep 12 12:17:30 2010
> @@ -119,7 +119,7 @@
> promote it to being a
> .Dq Hot Spare .
> .It Fl h
> -Where necessary, produce "human-readable" output.
> +Where necessary, produce ``human-readable'' output.
er, ...
> Use unit suffixes: Byte, Kilobyte, Megabyte,
> Gigabyte, Terabyte, Petabyte, Exabyte in order to reduce the number of
> digits to four or less.
> @@ -202,7 +202,7 @@
> RAID 4 and RAID 5 require at least three devices,
> and the CRYPTO discipline requires exactly one.
> .It Fl d
> -Delete volume specified by device.
> +Detach volume specified by device.
softraid people?
> .It Fl k Ar keydisk
> Use special device
> .Ar keydisk
> @@ -224,6 +224,7 @@
> .It Fl r Ar rounds
> When creating an encrypted volume, specifies the number of iterations of
> the algorithm used to convert a passphrase into a key.
> +(The algorithm is PBKDF2.)
if correct, we can probably say:
...the algorithm used (PBKDF2) to convert...
but someone confirm, please.
> Higher iteration counts take more time, but offer more resistance to key
> guessing attacks.
> The minimum is 1000 rounds and the default is 8192.
> @@ -245,20 +246,19 @@
> .Ed
> .Pp
> .Nm
> -will ask for a passphrase, that will be needed to unlock the encrypted
> -disk.
> +will ask for the passphrase needed to unlock the encrypted disk.
> After creating a newly encrypted disk, the first megabyte of it should be
> zeroed, so tools like
> .Xr fdisk 8
> or
> .Xr disklabel 8
> don't get confused by the random data that appears on the new disk.
> -This can be done with the following command (assuming the new disk is sd3):
> +This can be done with the following command (assuming the new disk is sd2):
> .Bd -literal -offset 3n
> -# dd if=/dev/zero of=/dev/rsd3c bs=1m count=1
> +# dd if=/dev/zero of=/dev/rsd2c bs=1m count=1
er, ...
> .Ed
> .Pp
> -Deleting a softraid volume requires the exact volume name.
> +Detaching a softraid volume requires the exact volume name.
softraid people, please.
> For example:
> .Bd -literal -offset 3n
> # bioctl -d sd2
> @@ -267,6 +267,8 @@
> .Xr bio 4 ,
> .Xr scsi 4 ,
> .Xr softraid 4
> +.Pp
> +RFC 2898 describes PBKDF2.
we can probably expand this.
> .Sh HISTORY
> The
> .Nm
> @@ -278,4 +280,4 @@
> interface was written by
> .An Marco Peereboom Aq ma...@openbsd.org .
> .Sh CAVEATS
> -Use of the crypto & RAID 4/5 disciplines are currently considered
> experimental.
> +Use of the CRYPTO and RAID 4/5 disciplines are currently considered
> experimental.
>
>
> --- softraid.4.orig Sun Sep 12 12:13:10 2010
> +++ softraid.4 Sun Sep 12 12:14:50 2010
> @@ -119,6 +119,9 @@
> # printf "a\en\en\en\enRAID\enw\enq\en\en" | disklabel -E wd3
> .Ed
> .Pp
> +(Note that RAID is also the correct partition type when using the CRYPTO
> +discipline.)
> +.Pp
this page already states:
A chunk is a partition or storage area of fstype ``RAID''.
disklabel(8) is used to alter the fstype.
this is pretty clear, no?
jmc
