CRYPTCONFIG(8) System Manager's Manual CRYPTCONFIG(8)NAME
cryptconfig - configure encrytped home directories and LUKS partitions
SYNOPSIS
cryptconfig [COMMAND] [COMMAND-OPTIONS] [arg1] [arg2] ...
DESCRIPTION
Cryptconfig is a utility for configuring encrypted home directories. It also supports creating LUKS disk images, creating LUKS partitions,
and enlarging disk images along with their file systems.
COMMANDS
The following commands are supported:
make-ehd
Create a new encrypted home directory image and image key.
passwd Change the password used to encrypt an image key.
create-image
Create an abrbitrary LUKS disk image.
enlarge-image
Enlarge a disk image and it's file system.
format Create a LUKS partition on a device.
pm-enable
Enable pam_mount with encrypted home directories.
pm-disable
Disable pam_mount with encrypted home directories.
create-key
Create a new key that can be added to an image.
open Open a LUKS image
close Close devices using a LUKS image
SEE ALSO cryptsetup(8), pam_mount(8)CRYPTCONFIG(8)
Check Out this Related Man Page
pmt-ehd(8) pam_mount pmt-ehd(8)Name
pmt-ehd - create an encrypted disk image
Syntax
pmt-ehd [-DFx] [-c fscipher] [-h hash] [-k fscipher_keybits] [-t fstype] -f container_path -s size_in_mb
Options
Mandatory options that are absent are inquired interactively, and pmt-ehd will exit if stdin is not a terminal.
-D Turn on debugging strings.
-F Force operation that would otherwise ask for interactive confirmation. Multiple -F can be specified to apply more force.
-c cipher
The cipher to be used for the filesystem. This can take any value that cryptsetup(8) recognizes, usually in the form of "cipher-
mode[-extras]". Recommended are aes-cbc-essiv:sha256 (this is the default) or aes-xts-essiv:sha256.
-f path
Store the new disk image at path. If the file already exists, pmt-ehd will prompt before overwriting unless -F is given. If path
refers to a symlink, pmt-ehd will act even more cautious.
-h hash
Message digest/hash used for key derivation in the PBKDF2 stage. The default is sha512.
-i cipher
(This option had been removed in pam_mount/pmt_ehd 2.11.)
-k keybits
The keysize for the cipher specified with -c. Some ciphers support multiple keysizes, AES for example is available with at least the
keysizes 192 and 256. Defaults to 256 (to match aes-cbc-essiv). Note that XTS uses two keys, but drawn from the same key material,
so aes-cbc-256 is equivalent to aes-xts-512, and aes-cbc-128 is to aes-xts-256.
-p path
(This option had been removed in pam_mount/pmt_ehd 2.11.)
-s size
The initial size of the encrypted filesystem, in megabytes. This option is ignored when the filesystem is created on a block device.
-t fstype
Filesystem to use for the encrypted filesystem. Defaults to xfs.
-u user
Give the container and fskey files to user (because the program is usually runs as root, and the files would otherwise retain root
ownership).
-x Do not initialize the container with random bytes. This may impact secrecy.
Description
pmt-ehd can be used to create a new encrypted container, and replaces the previous mkehd script as well as any HOWTOs that explain how to
do it manually. Without any arguments, pmt-ehd will interactively ask for all missing parameters. To create a container with a size of 256
MB, use:
pmt-ehd -f /home/user.cont -s 256
pam_mount 2011-Aug-05 pmt-ehd(8)
Hi all,
I want to create a new user and grant him ONLY transfer files access to a specific directory where he can only upload and read the files. He should be restricted to this activity only.
Regards (6 Replies)
Hi everyone,
I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX.
Ok onto business, my questions are-:
Was/Is UNIX ever an open source operating system ?
If UNIX was... (21 Replies)
Hi,
Last 2 weeks I have searched many forums and i haven't found the answer for the question:
How to get all command output to Putty title?
Needed it for other programs to know when some jobs on a server is done and is it done right or wrong. Plink stdout and stdin wasn't working, i used many... (1 Reply)
anyone have any idea how do to this with auth_attr?
I suspect if I grant him
solaris.device.:RO::Device Allocation::help=DevAllocHeader.html
that will work but I'm unsure. Just looking for a second opinion. (10 Replies)
I am looking for a stable, reliable system to replace my current Windows systems in the home. These are simple systems that I purchased from the local Big Box store.
I have heard many good things about Unix and it's various children and it sounds like a good option to me. I have worked... (2 Replies)
We have a lot of scripts using cut as :
cut -c 0-8 --works for cut (GNU coreutils) 5.97, but does not work for cut (GNU coreutils) 8.4.
Gives error -
cut: fields and positions are numbered from 1
Try `cut --help' for more information.
The position needs to start with 1 for later... (6 Replies)
I've got a problem with a proxy configuration. We have an LDAP group that lists all users who are authorised to use the proxy to FTP (usually Filezilla) out to the world, and by implication those not in the group should be denied. My users are delighted that this has been enabled and those that... (9 Replies)
hi folks,
how to using tar with exclude directory and compress it using tar.Z
i only know how to exclude dir only with this command below:
tar -cvf /varios/restore/test.tar -X excludefile.txt /jfma/test1/
how to compress it using 1 command?
Thanx
Please use CODE tags as... (6 Replies)
Hello All,
I had recently learnt a bit of Docker(which provides containerization process).
Here are some of my learning points from it.
Let us start first with very basic question:
What is Docker:
Docker is a platform for sysadmins and developers to DEPLOY, DEVELOP and RUN applications ... (7 Replies)
What is the point of this? Whenever I close my shell it appends to the history file without adding this. I have never seen it overwrite my history file.
# When the shell exits, append to the history file instead of overwriting it
shopt -s histappend (3 Replies)
Hello for all,
I am testing the behavior of a 32 bit application running on Solaris 5.10 (SPARC), and realize it reaches 4GB of memory and then crashes.
It doesn't matter the amount of used memory as application is intended to perform many transactions; rather, what I want to achieve is to... (2 Replies)