From b4a11878f2fdf5b07f895863747153de632ff4e6 Mon Sep 17 00:00:00 2001 From: Christian Seiler Date: Sun, 26 Jan 2014 12:02:49 +0100 Subject: cryptsetup: Support key-slot option Debian recently introduced the option key-slot to /etc/crypttab to specify the LUKS key slot to be used for decrypting the device. On systems where a keyfile is used and the key is not in the first slot, this can speed up the boot process quite a bit, since cryptsetup does not need to try all of the slots sequentially. (Unsuccessfully testing a key slot typically takes up to about 1 second.) This patch makes systemd aware of this option. Debian bug that introduced the feature: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704470 --- man/crypttab.xml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'man') diff --git a/man/crypttab.xml b/man/crypttab.xml index 90d8ce95fe..5f386e55f8 100644 --- a/man/crypttab.xml +++ b/man/crypttab.xml @@ -163,6 +163,20 @@ given by the key size. + + key-slot= + + Specifies the key slot to + compare the passphrase or key against. + If the key slot does not match the given + passphrase or key, but another would, the + setup of the device will fail regardless. + This implies luks. See + cryptsetup8 + for possible values. The default is to try + all key slots in sequential order. + + luks -- cgit v1.2.3-54-g00ecf