suse man page for pmt-ehd

Suse Man Pages All Man Pages Latest Topics Forum Categories

Query: pmt-ehd

OS: suse

Section: 8

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

pmt-ehd(8)							     pam_mount								pmt-ehd(8)

Name
       pmt-ehd - create an encrypted disk image

Syntax
       pmt-ehd [-DFx] [-c fscipher] [-h digest] [-i cipher] [-k fscipher_keybits] [-t fstype] -f container_path -p fskey_path -s size_in_mb

Options
       Mandatory options that are absent are inquired interactively, and pmt-ehd will exit if stdin is not a terminal.

       -D     Turn on debugging strings.

       -F     Force operation that would otherwise ask for interactive confirmation. Multiple -F can be specified to apply more force.

       -c cipher
	      The  cipher  to  be  used for the filesystem. This can take any value that cryptsetup(8) recognizes, usually in the form of "cipher-
	      mode[-extras]".  Recommended are aes-cbc-essiv:sha256 (this is the default) or blowfish-cbc-essiv:sha256.

       -f path
	      Store the new disk image at path. If the file already exists, pmt-ehd will prompt before overwriting unless -F  is  given.  If  path
	      refers to a symlink, pmt-ehd will act even more cautious.

       -h digest
	      Digest used for fskey derivation from the password. This can take any value that OpenSSL recognizes. The default is sha1.

       -i cipher
	      Cipher  used  for the filesystem key (not the encrypted filesystem itself). This can take any value that OpenSSL recognizes, usually
	      in the form of "cipher-keysize-mode". Recommended is aes-256-cbc (this is the default).

       -k keybits
	      The keysize for the cipher specified with -c. Some ciphers support multiple keysizes, AES for example is available with at least the
	      keysizes 192 and 256.  Example: -c aes-cbc-essiv:sha256 -k 192. The default is 256.

       -p path
	      Store  the filesystem key at path. The filesystem key is the ultimate key to open the encrypted filesystem, and the fs key itself is
	      encrypted with your password.

       -s size
	      The initial size of the encrypted filesystem, in megabytes. This option is ignored when the filesystem is created on a block device.

       -t fstype
	      Filesystem to use for the encrypted filesystem. Defaults to xfs.

       -u user
	      Give the container and fskey files to user (because the program is usually runs as root, and the files would otherwise  retain  root
	      ownership).

       -x     Do not initialize the container with random bytes. This may impact secrecy.

   Description
       pmt-ehd	can  be used to create a new encrypted container, and replaces the previous mkehd script as well as any HOWTOs that explain how to
       do it manually.	Without any arguments, pmt-ehd will interactively ask for all missing parameters. To create a container with a size of 256
       MB, use:

       pmt-ehd -f /home/user.key -p /home/user.enc -s 256

pam_mount							    2008-09-16								pmt-ehd(8)
Related Man Pages
crypttab(5) - debian
mount.crypto_luks(8) - debian
pam_mount(8) - suse
mount.crypt(8) - debian
crypttab(5) - opensolaris
Similar Topics in the Unix Linux Community
EncFS 1.4.2 (Default branch)
Automatically mount encrypted filesystems at login with pam_mount
How to create a password-protected (encrypted) disk image in Mac OS X 10.3 or later
Problem in increasing filesystem
Also operate in an encrypted mode