65 lines
1.9 KiB
Diff
65 lines
1.9 KiB
Diff
|
2010-09-29 Miloslav Trmač <mitr@redhat.com>
|
||
|
|
||
|
* README
|
||
|
* doc/volume_key.8: Clarify which block device should be passed to
|
||
|
volume_key(8).
|
||
|
|
||
|
diff --git a/README b/README
|
||
|
index a57bb02..ac58f51 100644
|
||
|
--- a/README
|
||
|
+++ b/README
|
||
|
@@ -27,6 +27,11 @@ this:
|
||
|
* Run
|
||
|
volume_key --save /path/to/volume -o escrow-packet
|
||
|
You will be prompted for an escrow packet passphrase to protect the key.
|
||
|
+
|
||
|
+ In all examples in this file, /path/to/volume is a LUKS device, not the
|
||
|
+ plaintext device containted within: (blkid -s TYPE /path/to/volume) should
|
||
|
+ report TYPE="crypto_LUKS".
|
||
|
+
|
||
|
* Save the generated `escrow-packet' file, make sure you won't forget the
|
||
|
passphrase.
|
||
|
|
||
|
@@ -87,6 +92,10 @@ Saving encryption keys
|
||
|
volume_key --save /path/to/volume -c /path/to/cert -o escrow-packet
|
||
|
where /path/to/cert points to the certificate distributed in the preparation
|
||
|
phase.
|
||
|
+
|
||
|
+ In all examples in this file, /path/to/volume is a LUKS device, not the
|
||
|
+ plaintext device containted within: (blkid -s TYPE /path/to/volume) should
|
||
|
+ report TYPE="crypto_LUKS".
|
||
|
* Save the generated `escrow-packet' file in the prepared storage, associating
|
||
|
it with the system and the volume.
|
||
|
|
||
|
diff --git a/doc/volume_key.8 b/doc/volume_key.8
|
||
|
index b4a2000..be75b99 100644
|
||
|
--- a/doc/volume_key.8
|
||
|
+++ b/doc/volume_key.8
|
||
|
@@ -16,7 +16,7 @@
|
||
|
.\" Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||
|
.\"
|
||
|
.\" Author: Miloslav Trmač <mitr@redhat.com>])
|
||
|
-.TH volume_key 8 "May 2009" volume_key
|
||
|
+.TH volume_key 8 "Sep 2010" volume_key
|
||
|
|
||
|
.SH NAME
|
||
|
volume_key \- work with volume encryption secrets and escrow packets
|
||
|
@@ -45,6 +45,17 @@ options.
|
||
|
See the OPTIONS sections for details.
|
||
|
|
||
|
.SH OPTIONS
|
||
|
+
|
||
|
+In all options described below,
|
||
|
+.I VOLUME
|
||
|
+is a LUKS device,
|
||
|
+not the plaintext device containted within:
|
||
|
+.RS
|
||
|
+.B blkid \-s TYPE
|
||
|
+.I VOLUME
|
||
|
+.RE
|
||
|
+should report \fBTYPE="crypto_LUKS"\fP.
|
||
|
+
|
||
|
The following options determine the mode of operation and expected operands of
|
||
|
\fBvolume_key\fP:
|
||
|
|