On Sun, Sep 12, 2010 at 12:22:25PM -0700, Chris Palmer wrote: > I recently set up a CRYPTO volume with softraid(4) and enjoyed it. Thanks! > > Here are some hopefully-clarifying diffs to the man pages. >
ok, my diff below tries to collect the various bits of feedback. stuff i haven't taken: - delete -> detach, for reasons given by marco - `` -> "; i don't think it's worth changing - sd2 -> sd3; ditto - the softraid(4) tweak, for reasons i gave earlier feel free to argue. anyway, here's what i have. ok? jmc Index: bioctl.8 =================================================================== RCS file: /cvs/src/sbin/bioctl/bioctl.8,v retrieving revision 1.80 diff -u -r1.80 bioctl.8 --- bioctl.8 31 Dec 2009 14:00:45 -0000 1.80 +++ bioctl.8 13 Sep 2010 05:09:59 -0000 @@ -223,7 +223,7 @@ It cannot be used during the initial creation of the crypto volume. .It Fl r Ar rounds When creating an encrypted volume, specifies the number of iterations of -the algorithm used to convert a passphrase into a key. +the PBKDF2 algorithm used to convert a passphrase into a key. Higher iteration counts take more time, but offer more resistance to key guessing attacks. The minimum is 1000 rounds and the default is 8192. @@ -245,7 +245,7 @@ .Ed .Pp .Nm -will ask for a passphrase, that will be needed to unlock the encrypted +will ask for a passphrase, which will be needed to unlock the encrypted disk. After creating a newly encrypted disk, the first megabyte of it should be zeroed, so tools like @@ -267,6 +267,11 @@ .Xr bio 4 , .Xr scsi 4 , .Xr softraid 4 +.Rs +.%R RFC 2898 +.%T "PKCS #5: Password-Based Cryptography Specification Version 2.0" +.%D 2000 +.Re .Sh HISTORY The .Nm @@ -278,4 +283,4 @@ interface was written by .An Marco Peereboom Aq ma...@openbsd.org . .Sh CAVEATS -Use of the crypto & RAID 4/5 disciplines are currently considered experimental. +Use of the CRYPTO & RAID 4/5 disciplines are currently considered experimental.