svn commit: r223076 - stable/7/sbin/geom/class/eli

Glen Barber gjb at FreeBSD.org
Tue Jun 14 10:50:17 UTC 2011 

Author: gjb (doc committer)
Date: Tue Jun 14 10:50:16 2011
New Revision: 223076
URL: http://svn.freebsd.org/changeset/base/223076

Log:
  MFC 216147 [1], 219424 [2]:
  
  216147 by delphij [1]:
   - Recommend a overwrite of whole geli provider before use.
  
  219424 by pjd [2]:
   - Change example wording.
  
  PR:		155385 [2]

Modified:
  stable/7/sbin/geom/class/eli/geli.8
Directory Properties:
  stable/7/sbin/geom/   (props changed)
  stable/7/sbin/geom/class/journal/   (props changed)
  stable/7/sbin/geom/class/label/   (props changed)
  stable/7/sbin/geom/class/part/   (props changed)
  stable/7/sbin/geom/class/stripe/   (props changed)
  stable/7/sbin/geom/misc/   (props changed)

Modified: stable/7/sbin/geom/class/eli/geli.8
==============================================================================
--- stable/7/sbin/geom/class/eli/geli.8	Tue Jun 14 10:50:01 2011	(r223075)
+++ stable/7/sbin/geom/class/eli/geli.8	Tue Jun 14 10:50:16 2011	(r223076)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd September 16, 2006
+.Dd March 9, 2011
 .Dt GELI 8
 .Os
 .Sh NAME
@@ -543,15 +543,17 @@ Enter passphrase:
 .Ed
 .Pp
 Create an encrypted provider, but use two keys:
-one for your girlfriend and one for
-you (so there will be no tragedy if she forgets her passphrase):
+one for your employee and one for you as company's security officer
+(so there is no tragedy if the employee
+.Qq accidentally
+forgets his passphrase):
 .Bd -literal -offset indent
 # geli init /dev/da2
-Enter new passphrase:	(enter your passphrase)
+Enter new passphrase:	(enter security officer passphrase)
 Reenter new passphrase:
 # geli setkey -n 1 /dev/da2
-Enter passphrase:	(enter your passphrase)
-Enter new passphrase:	(let your girlfriend enter her passphrase ...)
+Enter passphrase:	(enter security officer passphrase)
+Enter new passphrase:	(let your employee enter his passphrase ...)
 Reenter new passphrase:	(... twice)
 .Ed
 .Pp
@@ -643,6 +645,10 @@ changes with the data he owns without no
 In other words
 .Nm
 will not protect your data against replay attacks.
+.Pp
+It is recommended to write the whole provider before the first use,
+in order to make sure that all sectors and their corresponding
+checksums are properly initialized into a consistent state.
 .Sh SEE ALSO
 .Xr crypto 4 ,
 .Xr gbde 4 ,

More information about the svn-src-stable mailing list