You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
111 lines
4.3 KiB
111 lines
4.3 KiB
6 years ago
|
From 3f0f7acbc0dd72f1d98feb7af214cf12eb9bc47e Mon Sep 17 00:00:00 2001
|
||
|
From: Ondrej Kozina <okozina@redhat.com>
|
||
|
Date: Tue, 10 Jul 2018 14:36:45 +0200
|
||
|
Subject: [PATCH] Update cryptsetup man page for --type option usage.
|
||
|
|
||
|
Fixes #394.
|
||
|
---
|
||
|
man/cryptsetup.8 | 23 +++++++++++++----------
|
||
|
1 file changed, 13 insertions(+), 10 deletions(-)
|
||
|
|
||
|
diff --git a/man/cryptsetup.8 b/man/cryptsetup.8
|
||
|
index b2ef8cd..96d4fef 100644
|
||
|
--- a/man/cryptsetup.8
|
||
|
+++ b/man/cryptsetup.8
|
||
|
@@ -70,8 +70,8 @@ The following are valid actions for all supported device types.
|
||
|
.IP
|
||
|
Opens (creates a mapping with) <name> backed by device <device>.
|
||
|
|
||
|
-Device type can be \fIplain\fR, \fIluks\fR (default), \fIloopaes\fR
|
||
|
-or \fItcrypt\fR.
|
||
|
+Device type can be \fIplain\fR, \fIluks\fR (default), \fIluks1\fR, \fIluks2\fR,
|
||
|
+\fIloopaes\fR or \fItcrypt\fR.
|
||
|
|
||
|
For backward compatibility there are \fBopen\fR command aliases:
|
||
|
|
||
|
@@ -243,7 +243,7 @@ the command prompts for it interactively.
|
||
|
\fB<options>\fR can be [\-\-key\-file, \-\-keyfile\-offset,
|
||
|
\-\-keyfile\-size, \-\-readonly, \-\-test\-passphrase,
|
||
|
\-\-allow\-discards, \-\-header, \-\-key-slot, \-\-master\-key\-file, \-\-token\-id,
|
||
|
-\-\-token\-only, \-\-disable\-keyring, \-\-disable\-locks].
|
||
|
+\-\-token\-only, \-\-disable\-keyring, \-\-disable\-locks, \-\-type].
|
||
|
.PP
|
||
|
\fIluksSuspend\fR <name>
|
||
|
.IP
|
||
|
@@ -266,7 +266,7 @@ Resumes a suspended device and reinstates the encryption key.
|
||
|
Prompts interactively for a passphrase if \-\-key-file is not given.
|
||
|
|
||
|
\fB<options>\fR can be [\-\-key\-file, \-\-keyfile\-size, \-\-header,
|
||
|
-\-\-disable\-keyring,\-\-disable\-locks]
|
||
|
+\-\-disable\-keyring, \-\-disable\-locks, \-\-type]
|
||
|
.PP
|
||
|
\fIluksAddKey\fR <device> [<key file with new key>]
|
||
|
.IP
|
||
|
@@ -285,7 +285,7 @@ is not required.
|
||
|
\-\-keyfile\-size, \-\-new\-keyfile\-offset,
|
||
|
\-\-new\-keyfile\-size, \-\-key\-slot, \-\-master\-key\-file,
|
||
|
\-\-iter\-time, \-\-force\-password, \-\-header, \-\-disable\-locks,
|
||
|
-\-\-unbound].
|
||
|
+\-\-unbound, \-\-type].
|
||
|
.PP
|
||
|
\fIluksRemoveKey\fR <device> [<key file with passphrase to be removed>]
|
||
|
.IP
|
||
|
@@ -294,7 +294,7 @@ passphrase to be removed can be specified interactively,
|
||
|
as the positional argument or via \-\-key-file.
|
||
|
|
||
|
\fB<options>\fR can be [\-\-key\-file, \-\-keyfile\-offset,
|
||
|
-\-\-keyfile\-size, \-\-header, \-\-disable\-locks]
|
||
|
+\-\-keyfile\-size, \-\-header, \-\-disable\-locks, \-\-type]
|
||
|
|
||
|
\fBWARNING:\fR If you read the passphrase from stdin
|
||
|
(without further argument or with '-' as an argument
|
||
|
@@ -328,7 +328,7 @@ inaccessible.
|
||
|
\fB<options>\fR can be [\-\-key\-file, \-\-keyfile\-offset,
|
||
|
\-\-keyfile\-size, \-\-new\-keyfile\-offset,
|
||
|
\-\-new\-keyfile\-size, \-\-key\-slot, \-\-force\-password, \-\-header,
|
||
|
-\-\-disable\-locks].
|
||
|
+\-\-disable\-locks, \-\-type].
|
||
|
.PP
|
||
|
.PP
|
||
|
\fIluksConvertKey\fR <device>
|
||
|
@@ -364,7 +364,7 @@ an interactive confirmation when doing so. Removing the last
|
||
|
passphrase makes a LUKS container permanently inaccessible.
|
||
|
|
||
|
\fB<options>\fR can be [\-\-key\-file, \-\-keyfile\-offset,
|
||
|
-\-\-keyfile\-size, \-\-header, \-\-disable\-locks].
|
||
|
+\-\-keyfile\-size, \-\-header, \-\-disable\-locks, \-\-type].
|
||
|
|
||
|
\fBWARNING:\fR If you read the passphrase from stdin
|
||
|
(without further argument or with '-' as an argument
|
||
|
@@ -399,6 +399,8 @@ Set new UUID if \fI\-\-uuid\fR option is specified.
|
||
|
Returns true, if <device> is a LUKS device, false otherwise.
|
||
|
Use option \-v to get human-readable feedback. 'Command successful.'
|
||
|
means the device is a LUKS device.
|
||
|
+
|
||
|
+By specifying \-\-type you may query for specific LUKS version.
|
||
|
.PP
|
||
|
\fIluksDump\fR <device>
|
||
|
.IP
|
||
|
@@ -417,7 +419,7 @@ either interactively or via \-\-key\-file.
|
||
|
|
||
|
\fB<options>\fR can be [\-\-dump\-master\-key, \-\-key\-file,
|
||
|
\-\-keyfile\-offset, \-\-keyfile\-size, \-\-header, \-\-disable\-locks,
|
||
|
-\-\-master\-key\-file].
|
||
|
+\-\-master\-key\-file, \-\-type].
|
||
|
|
||
|
\fBWARNING:\fR If \-\-dump\-master\-key is used with \-\-key\-file
|
||
|
and the argument to \-\-key\-file is '-', no validation question
|
||
|
@@ -663,7 +665,8 @@ for LUKS device type.
|
||
|
This command is useful to fix some known benign LUKS metadata
|
||
|
header corruptions. Only basic corruptions of unused keyslot
|
||
|
are fixable. This command will only change the LUKS header, not
|
||
|
-any key-slot data.
|
||
|
+any key-slot data. You may enforce LUKS version by adding \-\-type
|
||
|
+option.
|
||
|
|
||
|
\fBWARNING:\fR Always create a binary backup of the original
|
||
|
header before calling this command.
|
||
|
--
|
||
|
1.8.3.1
|
||
|
|