From b25a3f90d9a402b0170fe88f5c6b4c786e1cec4a Mon Sep 17 00:00:00 2001 From: Marc Fonvieille Date: Mon, 20 Aug 2007 16:48:01 +0000 Subject: [PATCH] - Various SGML fixes (use of correct tags); - Avoid the capitalization of the geli command; - In disk encryption section, reword a sentence mentioning old removed swap encryption stuff; - Slight rewording of a title to match what we really talk about; - Punctuation fix where needed. --- .../books/handbook/disks/chapter.sgml | 33 +++++++++---------- 1 file changed, 15 insertions(+), 18 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/disks/chapter.sgml b/en_US.ISO8859-1/books/handbook/disks/chapter.sgml index c98ba4ac58..39d06a8976 100644 --- a/en_US.ISO8859-1/books/handbook/disks/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/disks/chapter.sgml @@ -3748,8 +3748,8 @@ Filesystem Size Used Avail Capacity Mounted on provided. Arguments for this script can be passed via &man.rc.conf.5;, for example: - gbde_autoattach_all="YES" -gbde_devices="ad4s1c" + gbde_autoattach_all="YES" +gbde_devices="ad4s1c" This will require that the gbde passphrase be entered at boot time. After typing the correct @@ -3805,7 +3805,7 @@ gbde_devices="ad4s1c" A new cryptographic GEOM class is available as of &os; 6.0 - geli. It is currently being developed by - &a.pjd;. Geli is different to + &a.pjd;. The geli utility is different to gbde; it offers different features and uses a different scheme for doing cryptographic work. @@ -3851,9 +3851,7 @@ gbde_devices="ad4s1c" The next steps will describe how to enable support for geli in the &os; kernel and will explain how - to create a new geli encryption provider. At - the end it will be demonstrated how to create an encrypted swap - partition using features provided by geli. + to create and use a geli encryption provider. In order to use geli, you must be running &os; 6.0-RELEASE or later. Super-user privileges will be @@ -3861,14 +3859,13 @@ gbde_devices="ad4s1c" - Adding <command>geli</command> Support to the Kernel - Configuration File + Adding <command>geli</command> Support to the Kernel Add the following lines to the kernel configuration file: - options GEOM_ELI -device crypto + options GEOM_ELI +device crypto Rebuild the kernel as described in . @@ -3877,7 +3874,7 @@ device crypto be loaded at boot time. Add the following line to the /boot/loader.conf: - geom_eli_load="YES" + geom_eli_load="YES" &man.geli.8; should now be supported by the kernel. @@ -3943,7 +3940,7 @@ Enter passphrase: &prompt.root; mount /dev/da2.eli /private The encrypted file system should be visible to &man.df.1; - and be available for use now. + and be available for use now: &prompt.root; df -H Filesystem Size Used Avail Capacity Mounted on @@ -3981,8 +3978,8 @@ Filesystem Size Used Avail Capacity Mounted on An example of configuring geli through &man.rc.conf.5; follows: - geli_devices="da2" -geli_da2_flags="-p -k /root/da2.key" + geli_devices="da2" +geli_da2_flags="-p -k /root/da2.key" This will configure /dev/da2 as a geli provider of which the Master Key file @@ -4067,10 +4064,10 @@ geli_da2_flags="-p -k /root/da2.key" .bde suffix should be added to the device in the respective /etc/fstab swap line: - + # Device Mountpoint FStype Options Dump Pass# /dev/ad0s1b.bde none swap sw 0 0 - + For systems prior to &os; 6.0-RELEASE, the following line in /etc/rc.conf is also needed: @@ -4086,10 +4083,10 @@ geli_da2_flags="-p -k /root/da2.key" .eli suffix should be added to the device in the respective /etc/fstab swap line: - + # Device Mountpoint FStype Options Dump Pass# /dev/ad0s1b.eli none swap sw 0 0 - + &man.geli.8; uses the AES algorithm with a key length of 256 bit by default.