From f7f01dc4b4cdf0db0410ddc56f0c7a303b96d59e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Amadeusz=20=C5=BBo=C5=82nowski?= Date: Tue, 10 May 2011 19:43:20 +0200 Subject: [PATCH] dracut.kernel.7: crypto LUKS - info about gpg-encrypted keys --- dracut.kernel.7.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/dracut.kernel.7.xml b/dracut.kernel.7.xml index 1de4df1..a277c74 100644 --- a/dracut.kernel.7.xml +++ b/dracut.kernel.7.xml @@ -317,7 +317,7 @@ This parameter can be specified multiple times. rd.luks.key=<keypath>:<keydev>:<luksdev> - keypath is a path to key file to look for. It's REQUIRED. + keypath is a path to key file to look for. It's REQUIRED. When keypath ends with '.gpg' it's considered to be key encrypted symmetrically with GPG. You will be prompted for password on boot. GPG support comes with 'crypt-gpg' module which needs to be added explicitly. keydev is a device on which key file resides. It might be kernel name of devices (should start with "/dev/"), UUID (prefixed with "UUID=") or label (prefix with "LABEL="). You don't have to specify full UUID. Just its beginning will suffice, even if its ambiguous. All matching devices will be probed. This parameter is recommended, but not required. If not present, all block devices will be probed, which may significantly increase boot time. If luksdev is given, the specified key will only be applied for that LUKS device. Possible values are the same as for keydev. Unless you have several LUKS devices, you don't have to specify this parameter. The simplest usage is: -- 1.7.5.rc3