[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v9 7/7] docs: Add documentation on keyfile and detached header op
From: |
Glenn Washburn |
Subject: |
[PATCH v9 7/7] docs: Add documentation on keyfile and detached header options to cryptomount |
Date: |
Mon, 11 Apr 2022 06:40:28 +0000 |
Signed-off-by: Glenn Washburn <development@efficientek.com>
---
docs/grub.texi | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/docs/grub.texi b/docs/grub.texi
index 9835c878af..c1bf532636 100644
--- a/docs/grub.texi
+++ b/docs/grub.texi
@@ -4347,11 +4347,17 @@ Alias for @code{hashsum --hash crc32 arg @dots{}}. See
command @command{hashsum}
@node cryptomount
@subsection cryptomount
-@deffn Command cryptomount [@option{-p} password] device|@option{-u}
uuid|@option{-a}|@option{-b}
-Setup access to encrypted device. If @option{-p} is not given, a passphrase
-is requested interactively. Otherwise, the given @var{password} will be used
and
-no passphrase will be requested interactively.
-Option @var{device} configures specific grub device
+@deffn Command cryptomount [ [@option{-p} password] | [@option{-k} keyfile
[@option{-O} keyoffset] [@option{-S} keysize] ] ] [@option{-H} file]
device|@option{-u} uuid|@option{-a}|@option{-b}
+Setup access to encrypted device. A passphrase will be requested interactively,
+if neither the @option{-p} nor @option{-k} options are given. The option
+@option{-p} can be used to supply a passphrase (useful for scripts).
+Alternatively the @option{-k} option can be used to supply a keyfile with
+options @option{-O} and @option{-S} optionally supplying the offset and size,
+respectively, of the key data in the given key file. The @option{-H} options
can
+be used to supply cryptomount backends with an alternative header file (aka
+detached header). Not all backends have headers nor support alternative header
+files (currently only LUKS1 and LUKS2 support them).
+Argument @var{device} configures specific grub device
(@pxref{Naming convention}); option @option{-u} @var{uuid} configures device
with specified @var{uuid}; option @option{-a} configures all detected encrypted
devices; option @option{-b} configures all geli containers that have boot flag
set.
--
2.25.1
- [PATCH v9 0/7] Cryptodisk detached headers and key files, Glenn Washburn, 2022/04/11
- [PATCH v9 1/7] cryptodisk: luks: Unify grub_cryptodisk_dev function names, Glenn Washburn, 2022/04/11
- [PATCH v9 7/7] docs: Add documentation on keyfile and detached header options to cryptomount,
Glenn Washburn <=
- [PATCH v9 2/7] cryptodisk: geli: Unify grub_cryptodisk_dev function names, Glenn Washburn, 2022/04/11
- [PATCH v9 3/7] cryptodisk: Add --header option to cryptomount and fail to implement it in the backends, Glenn Washburn, 2022/04/11
- [PATCH v9 4/7] cryptodisk: Add support for LUKS1 detached headers, Glenn Washburn, 2022/04/11
- [PATCH v9 5/7] cryptodisk: Add options to cryptomount to support keyfiles, Glenn Washburn, 2022/04/11
- [PATCH v9 6/7] luks2: Add detached header support, Glenn Washburn, 2022/04/11