summaryrefslogtreecommitdiff
path: root/man/crypttab.xml
AgeCommit message (Collapse)Author
2014-01-26cryptsetup: Support key-slot optionChristian Seiler
Debian recently introduced the option key-slot to /etc/crypttab to specify the LUKS key slot to be used for decrypting the device. On systems where a keyfile is used and the key is not in the first slot, this can speed up the boot process quite a bit, since cryptsetup does not need to try all of the slots sequentially. (Unsuccessfully testing a key slot typically takes up to about 1 second.) This patch makes systemd aware of this option. Debian bug that introduced the feature: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704470
2013-11-25Revert "man: suggest using hash= atribut for swap in example"Lukas Nykryn
This reverts commit fa7abba2328eb2d23a7e27708f86f5013059ddcf.
2013-11-21man: suggest using hash= atribut for swap in exampleVáclav Pavlín
(#883941)
2013-09-11cryptsetup: Retry indefinitely if tries=0 option has been set.Thomas Bächler
When running from initrd, entering a wrong passphrase usually means that you cannot boot. Therefore, we allow trying indefinitely.
2013-08-14systemd-cryptsetup: makes “discard” a synonym for “allow-discards”Ondrej Balaz
systemd-cryptsetup recognizes option 'allow-discards' in /etc/crypttab to enable TRIM passthrough to underlying encrypted device. In Debian this option was changed to 'discard' to avoid hyphen in option name. (see: #648868 and `man crypttab`). [zj: update crypttab(5) too, making "discard" the default.]
2013-07-21man: wording and grammar updatesJan Engelhardt
This includes regularly-submitted corrections to comma setting and orthographical mishaps that appeared in man/ in recent commits.
2013-07-16cryptsetup: Add tcrypt supportJan Janssen
Tcrypt uses a different approach to passphrases/key files. The passphrase and all key files are incorporated into the "password" to open the volume. So, the idea of slots that provide a way to open the volume with different passphrases/key files that are independent from each other like with LUKS does not apply. Therefore, we use the key file from /etc/crypttab as the source for the passphrase. The actual key files that are combined with the passphrase into a password are provided as a new option in /etc/crypttab and can be given multiple times if more than one key file is used by a volume.
2013-07-03man: more grammar improvementsJan Engelhardt
- place commas - expand contractions (this is written prose :) - add some missing words
2013-06-26man: always supply quotes around literalsZbigniew Jędrzejewski-Szmek
When manpages are displayed on a terminal, <literal>s are indistinguishable from surrounding text. Add quotes everywhere, remove duplicate quotes, and tweak a few lists for consistent formatting. https://bugzilla.redhat.com/show_bug.cgi?id=874631
2013-04-18man: document that timeout=0 is the default for entries in crypttabLennart Poettering
2013-02-06build-sys: create Makefile-man.am automaticallyZbigniew Jędrzejewski-Szmek
man rules were repeating the same information in too many places, which was error prone. Those rules can be easily generated from .xml files. For efficiency and because python is not a required dependency, Makefile-man.am is only regenerated when requested with make update-man-list If no metadata in man/*.xml changed, this file should not change. So only when a new man page or a new alias is added, this file should show up in 'git diff'. The change should then be committed. If the support for building from git without python was dropped, we could drop Makefile-man.am from version control. This would also increase the partial build time (since more stuff would be rebuild whenever sources in man/*.xml would be modified), so it would probably wouldn't be worth it.
2013-01-31cryptsetup: accept both "read-only" and "readonly" spellingsMichal Schmidt
Mukund Sivaraman pointed out that cryptsetup(5) mentions the "read-only" option, while the code understands "readonly". We could just fix the manpage, but for consistency in naming of multi-word options it would be prettier to have "read-only". So let's accept both spellings. BZ: https://bugzilla.redhat.com/show_bug.cgi?id=903463
2013-01-26man: extend systemd.directives(7) to all manual pagesZbigniew Jędrzejewski-Szmek
New sections are added: PAM options, crypttab options, commandline options, miscellaneous. The last category will be used for all untagged <varname> elements. Commandline options sections is meant to be a developer tool: when adding an option it is sometimes useful to be able to check if similarly named options exist elsewhere.
2013-01-23man: clearify the meaning of timeout=0 for password agentsTom Gundersen
The fact that timeout=0 makes password agents wait indefinitely is documented in http://www.freedesktop.org/wiki/Software/systemd/PasswordAgents. Document it also in the relevant man pages.
2012-09-13man: fix a bunch of typos in docsThomas Hindoe Paaboel Andersen
https://bugs.freedesktop.org/show_bug.cgi?id=54501
2012-08-03cryptsetup: add keyfile-size= supportTom Gundersen
This is useful e.g. if the keyfile is a raw device, where only parts of it should be read. It is typically used whenever the keyfile-offset= option is specified. Tested-by: Erik Westrup <erik.westrup@gmail.com>
2012-07-09cryptsetup: add keyfile-offset= supportTom Gundersen
This is useful if your keyfile is a block device, and you want to use a specific part of it, such as an area between the MBR and the first partition. This feature is documented in the Arch wiki[0], and has been supported by the Arch initscripts, so would be nice to get this into systemd. This requires libcryptsetup >= 1.4.2 (released 12.4.2012). Acked-by: Paul Menzel <paulepanter@users.sourceforge.net> [0]: <https://wiki.archlinux.org/index.php/System_Encryption_with_LUKS# Storing_the_key_between_MBR_and_1st_partition>
2012-06-27man: document systemd-cryptsetup-generatorLennart Poettering
2012-06-27man: document /etc/crypttabLennart Poettering