10 May 2011 19:44
[PATCH] dracut.kernel.7: crypto LUKS - info about gpg-encrypted keys
---
dracut.kernel.7.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/dracut.kernel.7.xml b/dracut.kernel.7.xml
index 1de4df1..a277c74 100644
--- a/dracut.kernel.7.xml
+++ b/dracut.kernel.7.xml
<at> <at> -317,7 +317,7 <at> <at> This parameter can be specified multiple times.</para>
<envar>rd.luks.key=</envar><replaceable><keypath>:<keydev>:<luksdev></replaceable>
</term>
<listitem>
- <para><replaceable>keypath</replaceable> is a path to key file to look for. It's REQUIRED.</para>
+ <para><replaceable>keypath</replaceable> is a path to key file to look for. It's REQUIRED. When
<replaceable>keypath</replaceable> ends with '.gpg' it's considered to be key encrypted
symmetrically with GPG. You will be prompted for password on boot. GPG support comes with 'crypt-gpg'
module which needs to be added explicitly.</para>
<para><replaceable>keydev</replaceable> is a device on which key file resides. It might be kernel name
of devices (should start with "/dev/"), UUID (prefixed with "UUID=") or label
(prefix with "LABEL="). You don't have to specify full UUID. Just its beginning will
suffice, even if its ambiguous. All matching devices will be probed. This parameter is recommended, but
not required. If not present, all block devices will be probed, which may significantly increase boot time.</para>
<para>If <replaceable>luksdev</replaceable> is given, the specified key will only be applied for that
LUKS device. Possible values are the same as for <replaceable>keydev</replaceable>. Unless you have
several LUKS devices, you don't have to specify this parameter.</para>
<para>The simplest usage is:</para>
--
--
1.7.5.rc3
RSS Feed