DragonFly On-Line Manual Pages

Search: Section:  

CRYPTTAB(5)              DragonFly File Formats Manual             CRYPTTAB(5)


NAME

     crypttab -- encrypted disk device table


DESCRIPTION

     The crypttab file contains a list of the encrypted disk devices of the
     system. Each encrypted volume is described on a separate line; fields on
     each line are separated by tabs or spaces.

     The first field, (name), contains the name of the resultant crypto volume
     device, which will be a node in /dev/mapper with the given name.

     The second field, (device), is the underlying device on which the crypto
     volume resides and must be a full device path to a node in /dev.

     The third field, (keyfile), is either the value none or the full path on
     the file system to a keyfile to unlock the crypto volume.  If none is
     specified, the system will prompt for a password during the boot
     sequence.

     The fourth field, (options), can contain a comma separated list with the
     following options on DragonFly or can be set to none.

     tries=N               Prompt for the passphrase at most N times if the
                           entered passphrase is incorrect.

     timeout=T             Time out the interactive passphrase prompt after T
                           seconds.

     keyscript=script      Run the script pointed at by script to get the
                           passphrase. The stdout output of the script will be
                           used as the passphrase instead of showing an inter-
                           active prompt.

     Note that the crypttab file on DragonFly currently only supports LUKS
     volumes and not raw cryptsetup(8) volumes.

     If the dm_target_crypt(4) target is not built-in, make sure to set up
     loader.conf(5) to preload it, since dm(4) is not able to autoload the
     targets before /boot is mounted.


FILES

     /etc/crypttab  The crypttab file resides in /etc.


EXAMPLES

     The following line specifies a crypto volume without a keyfile, so that a
     password will be prompted during the boot sequence. Upon successful entry
     of the password the device /dev/mapper/vol1 will be created.

           vol1        /dev/da0s1b    none               none

     The next example is as the one before but using a keyfile on /boot
     instead of an interactive password prompt.

           vol1        /dev/da0s1b    /boot/keyfile.0    none

     The last example shows the use of the options. It will ask at most 2
     times for a passphrase and time out after 10 seconds.

           vol1        /dev/da0s1b    none               tries=2,timeout=10


SEE ALSO

     cryptsetup(8)


HISTORY

     The crypttab file format appeared in DragonFly 2.9.

DragonFly 3.5                  October 22, 2010                  DragonFly 3.5

Search: Section: