GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
E4CRYPT(8) FreeBSD System Manager's Manual E4CRYPT(8)

e4crypt - ext4 file system encryption utility

e4crypt add_key -S [ -k keyring ] [-v] [-q] [ -p pad ] [ path ... ]
e4crypt new_session
e4crypt get_policy path ...
e4crypt set_policy [ -p pad ] policy path ...

e4crypt performs encryption management for ext4 file systems.

Prompts the user for a passphrase and inserts it into the specified keyring. If no keyring is specified, e4crypt will use the session keyring if it exists or the user session keyring if it does not.
The salt argument is interpreted in a number of different ways, depending on how its prefix value. If the first two characters are "s:", then the rest of the argument will be used as an text string and used as the salt value. If the first two characters are "0x", then the rest of the argument will be parsed as a hex string as used as the salt. If the first characters are "f:" then the rest of the argument will be interpreted as a filename from which the salt value will be read. If the string begins with a '/' character, it will similarly be treated as filename. Finally, if the salt argument can be parsed as a valid UUID, then the UUID value will be used as a salt value.
The keyring argument specifies the keyring to which the key should be added.
The pad value specifies the number of bytes of padding will be added to directory names for obfuscation purposes. Valid pad values are 4, 8, 16, and 32.
If one or more directory paths are specified, e4crypt will try to set the policy of those directories to use the key just added by the add_key command. If a salt was explicitly specified, then it will be used to derive the encryption key of those directories. Otherwise a directory-specific default salt will be used.
Print the policy for the directories specified on the command line.
Give the invoking process (typically a shell) a new session keyring, discarding its old session keyring.
Sets the policy for the directories specified on the command line. All directories must be empty to set the policy; if the directory already has a policy established, e4crypt will validate that the policy matches what was specified. A policy is an encryption key identifier consisting of 16 hexadecimal characters.

Written by Michael Halcrow <mhalcrow@google.com>, Ildar Muslukhov <muslukhovi@gmail.com>, and Theodore Ts'o <tytso@mit.edu>

keyctl(1), mke2fs(8), mount(8).

December 2021 E2fsprogs version 1.46.5
Search for    or go to Top of page |  Section 8 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.