f0732370dd
.Bf -emphasis ... .Ef o Grammar/spelling Sponsored by: DARPA, NAI Labs
196 lines
5.9 KiB
Groff
.\"
.\" Copyright (c) 2002 Poul-Henning Kamp
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by Poul-Henning Kamp
.\" and NAI Labs, the Security Research Division of Network Associates, Inc.
.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
.\" DARPA CHATS research program.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd October 19, 2002
.Dt GBDE 8
.Os
.Sh NAME
.Nm gbde
.Nd Operation and management utility for Geom Based Disk Encryption
.Sh SYNOPSIS
.Nm
.Cm attach
.Ar destination
.Op Fl l Ar lockfile
.Op Fl p Ar pass-phrase
.Nm
.Cm detach
.Ar destination
.Nm
.Cm init
.Ar destination
.Op Fl i
.Op Fl f Ar filename
.Op Fl L Ar lockfile
.Op Fl P Ar pass-phrase
.Nm
.Cm setkey
.Ar destination
.Op Fl n Ar key
.Op Fl l Ar lockfile
.Op Fl p Ar pass-phrase
.Op Fl L Ar new-lockfile
.Op Fl P Ar new-pass-phrase
.Nm
.Cm destroy
.Ar destination
.Op Fl n Ar key
.Op Fl l Ar lockfile
.Op Fl p Ar pass-phrase
.Op Fl L Ar lockfile
.Sh DESCRIPTION
.Bf -emphasis
NOTICE:
Please be aware that this code has not yet received much review
and analysis by qualified cryptographers and therefore should be considered
a slightly suspect experimental facility.
.Pp
We cannot at this point guarantee that the on-disk format will not change
in response to reviews or bug-fixes, so potential users are advised to
be prepared that
.Xr dump 8 Ns / Ns
.Xr restore 8
based migrations may be called for in the future.
.Ef
.Pp
The
.Nm
program is the only official operation and management interface for the
.Xr gbde 4
GEOM based disk encryption kernel facility.
The interaction between the
.Nm
program and the kernel part is not a published interface.
.Pp
The operational aspect consists of two subcommands:
one to open and attach
a device to the in-kernel cryptographic gbde module,
and one to close and detach a device.
.Pp
The management part allows initialization of the master key and lock sectors
on a device, initialization and replacement of pass-phrases and
key invalidation and blackening functions.
.Pp
The
.Fl l Ar lockfile
argument is used to supply the lock selector data.
If no
.Fl l
option is specified, the first sector is used for this purpose.
.Pp
The
.Fl L Ar new-lockfile
argument
specifies the lock selector file for the key modified with the
.Cm setkey
subcommand.
.Pp
|
|
The
|
|
.Fl n Ar key
|
|
argument can be used to specify which of the four keys
|
|
to which the operation applies.
|
|
A value of 1 to 4 selects the specified key, a value of 0 (the default)
|
|
means
|
|
.Dq "this key"
|
|
(i.e., the key used to gain access to the device)
|
|
and a value of -1 means
|
|
.Dq "all keys" .
|
|
.Pp
|
|
The
|
|
.Fl f Ar filename
|
|
specifies an optional parameter file for use under initialization.
|
|
.Pp
Alternatively, the
.Fl i
option toggles an interactive mode where a template file with descriptions
of the parameters can be interactively edited.
.Pp
The
.Fl p Ar pass-phrase
argument
specifies the pass-phrase used to open the device.
If not specified, the controlling terminal will be used to prompt the user
for the pass-phrase.
Be aware that using this option may expose the pass-phrase to other
users who happen to run
.Xr ps 1
or similar while the command is running.
.Pp
The
.Fl P Ar new-pass-phrase
argument
can be used to specify the new pass-phrase to the
.Cm init
and
.Cm setkey
subcommands.
If not specified, the user is prompted for the new pass-phrase on the
controlling terminal.
Be aware that using this option may expose the pass-phrase to other
users who happen to run
.Xr ps 1
or similar while the command is running.
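The ps(1) exposure caveat above, taken from the defender's side as an added example that is not part of gbde or FreeBSD: a Python scanner that flags gbde processes carrying a pass-phrase via -p or -P in a process listing and reports them with the pass-phrase redacted, so the report itself does not leak it. The listing, PIDs and pass-phrases below are constructed sample input standing in for `ps -axo pid,user,args` output.

```python
"""Flag gbde(8) processes whose pass-phrase is visible on the command line.
Added example, not part of gbde or FreeBSD: the man page warns that -p/-P
expose the pass-phrase to anyone running ps(1) while the command runs."""
import shlex

PASSPHRASE_OPTS = ("-p", "-P")  # gbde options whose argument is a pass-phrase

def redact_passphrase(argv):
    """Copy argv with any -p/-P pass-phrase replaced by '<redacted>'; handles
    both '-p word' and the glued '-pword' form that getopt(3) accepts.
    Returns None when the command line carries no pass-phrase."""
    out, found, take_next = [], False, False
    for word in argv:
        if take_next:                 # previous word was a bare -p/-P
            out.append("<redacted>")
            take_next = False
            continue
        opt = next((o for o in PASSPHRASE_OPTS if word.startswith(o)), None)
        if opt is None:
            out.append(word)
        elif word == opt:             # separate-word form: -p hunter2
            out.append(word)
            take_next = found = True
        else:                         # glued form: -Pfoo
            out.append(opt + "<redacted>")
            found = True
    return out if found else None

def scan_ps_lines(lines):
    """Parse 'PID USER ARGS...' lines (as from `ps -axo pid,user,args`) and
    return [(pid, user, redacted_cmd)] for gbde processes exposing a pass-phrase."""
    findings = []
    for line in lines:
        fields = line.split(None, 2)
        if len(fields) < 3 or not fields[0].isdigit():
            continue                  # header or malformed line
        argv = shlex.split(fields[2])
        if argv and argv[0].rsplit("/", 1)[-1] == "gbde":
            redacted = redact_passphrase(argv)
            if redacted is not None:
                findings.append((int(fields[0]), fields[1], " ".join(redacted)))
    return findings

# Constructed sample listing; "hunter2" and "foo" are throwaway pass-phrases.
SAMPLE_PS = """  PID USER   COMMAND
  812 root   gbde attach ad0s1f -l /etc/ad0s1f.lock -p hunter2
  815 root   gbde setkey ad0s1f -n 2 -Pfoo -L key2.lockfile
  820 root   gbde attach ad0s1f -l /etc/ad0s1f.lock
  831 alice  /usr/sbin/gbde detach ad0s1f
""".splitlines()
```

Running `scan_ps_lines(SAMPLE_PS)` reports PIDs 812 and 815 only; the two invocations that rely on the terminal prompt are not flagged.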
.Sh EXAMPLES
To initialize a device, using default parameters:
.Dl # gbde init /dev/ad0s1f -L /etc/ad0s1f.lock
.Pp
To attach an encrypted device:
.Dl # gbde attach ad0s1f -l /etc/ad0s1f.lock
.Pp
To detach an encrypted device:
.Dl # gbde detach ad0s1f
.Pp
To initialize the second key using a detached lockfile and a trivial
pass-phrase:
.Dl # gbde setkey ad0s1f -n 2 -P foo -L key2.lockfile
.Pp
To destroy all copies of the master key:
.Dl # gbde destroy ad0s1f -n -1
.Sh SEE ALSO
.Xr gbde 4 ,
.Xr geom 4 .
.Rs
.%A Poul-Henning Kamp
.%T "Making sure data is lost: Spook-strength encryption of on-disk data"
.%R "Refereed paper, NORDU2003 conference"
.Re
.Sh HISTORY
This software was developed for the FreeBSD Project by Poul-Henning Kamp
and NAI Labs, the Security Research Division of Network Associates, Inc.
under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
DARPA CHATS research program.
.Sh AUTHORS
.An "Poul-Henning Kamp" Aq phk@FreeBSD.org
.Sh BUGS
The cryptographic algorithms and the overall design have not been
attacked mercilessly for over 10 years by a gang of cryptanalysts.