diff --git a/en_US.ISO8859-1/books/handbook/disks/chapter.sgml b/en_US.ISO8859-1/books/handbook/disks/chapter.sgml index 7b03b2e4a3..bbb5b17da8 100644 --- a/en_US.ISO8859-1/books/handbook/disks/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/disks/chapter.sgml @@ -2801,7 +2801,7 @@ Filesystem 1K-blocks Used Avail Capacity Mounted on touches the hard drive's platter. - Enabling gbde in the kernel + Enabling gbde in the Kernel @@ -2829,10 +2829,10 @@ Password: Using your favorite text editor, add the following line to your kernel configuration file: - options GEOM_BDE + options GEOM_BDE - Configure and recompile the FreeBSD kernel. If you - don't know how to create a custom kernel, see Configure, recompile, and install the FreeBSD kernel. + This process is described in . Reboot into the new kernel. @@ -2842,7 +2842,7 @@ Password: - Preparing the encrypted hard drive + Preparing the Encrypted Hard Drive The following example assumes that you are adding a new hard drive to your system that will hold a single encrypted partition. @@ -2922,7 +2922,7 @@ sector_size = 2048 url="http://world.std.com/~reinhold/diceware.html">Diceware Passphrase website. - The gbde init command created a lock + The gbde init command creates a lock file for your gbde partition that in this example has been stored as /etc/gbde/ad4s1c. @@ -2965,14 +2965,16 @@ sector_size = 2048 system on the encrypted device, use &man.newfs.8;. Since it is much faster to initialize a new UFS2 file system than it is to initialize the old UFS file system, using &man.newfs.8; with - the -O2 option is recommended. + the option is recommended. &prompt.root; newfs -U -O2 /dev/ad4s1c.bde - The newfs must be performed on an attached - gbde partition which is identified - by a *.bde extension to the device name. + The &man.newfs.8; command must be performed on an + attached gbde partition which + is identified by a + *.bde + extension to the device name. @@ -3007,7 +3009,7 @@ Filesystem Size Used Avail Capacity Mounted on - Mounting existing encrypted file systems + Mounting Existing Encrypted File Systems After each boot, any encrypted file systems must be re-attached to the kernel, checked for errors, and mounted, before @@ -3047,7 +3049,7 @@ Filesystem Size Used Avail Capacity Mounted on - Automatically mounting encrypted partitions + Automatically Mounting Encrypted Partitions It is possible to create a script to automatically attach, check, and mount an encrypted partition, but for security reasons @@ -3057,7 +3059,7 @@ Filesystem Size Used Avail Capacity Mounted on - Cryptographic protections employed by gbde + Cryptographic Protections Employed by gbde &man.gbde.8; encrypts the sector payload using 128-bit AES in CBC mode. Each sector on the disk is encrypted with a different @@ -3067,11 +3069,11 @@ Filesystem Size Used Avail Capacity Mounted on - Compatibility issues + Compatibility Issues &man.sysinstall.8; is incompatible with gbde-encrypted devices. All - *.bde devices must be detached from the + *.bde devices must be detached from the kernel before starting &man.sysinstall.8; or it will crash during its initial probing for devices. To detach the encrypted device used in our example, use the following command: