diff options
author | Milan Broz <gmazyland@gmail.com> | 2015-11-22 12:47:42 +0100 |
---|---|---|
committer | Milan Broz <gmazyland@gmail.com> | 2015-11-22 12:50:34 +0100 |
commit | 34ddae154ecf877e396fdc7a13bc9cc08f884797 (patch) | |
tree | c164071d720bf3f591b72d7485e2a587cfd27e77 /man | |
parent | 8da37ce4b04c13993c85b294ecec39ac97ec014f (diff) | |
download | cryptsetup-34ddae154ecf877e396fdc7a13bc9cc08f884797.tar.gz |
Fix luksKillSlot to not suppress provided password in batch mode.
Batch mode should enable no-query keyslot wipe but only if user
did not provided password or keyfile explicitely.
Fixes issue #265.
Signed-off-by: Milan Broz <gmazyland@gmail.com>
Diffstat (limited to 'man')
-rw-r--r-- | man/cryptsetup.8 | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/man/cryptsetup.8 b/man/cryptsetup.8 index db12d7c0..b7dd4f49 100644 --- a/man/cryptsetup.8 +++ b/man/cryptsetup.8 @@ -286,8 +286,9 @@ inaccessible. .PP \fIluksKillSlot\fR <device> <key slot number> .IP -Wipe the key-slot number <key slot> from the LUKS device. A remaining -passphrase must be supplied, either interactively or via \-\-key-file. +Wipe the key-slot number <key slot> from the LUKS device. Except running +in batch-mode (\-q) a remaining passphrase must be supplied, +either interactively or via \-\-key-file. This command can remove the last remaining key-slot, but requires an interactive confirmation when doing so. Removing the last passphrase makes a LUKS container permanently inaccessible. @@ -297,11 +298,16 @@ passphrase makes a LUKS container permanently inaccessible. \fBWARNING:\fR If you read the passphrase from stdin (without further argument or with '-' as argument -to \-\-key-file), batch-mode (\-q) will be implicitely +to \-\-key-file), batch-mode (\-q) will be implicitly switched on and no warning will be given when you remove the last remaining passphrase from a LUKS container. Removing the last passphrase makes the LUKS container permanently inaccessible. + +\fBNOTE:\fR If there is no passphrase provided (on stdin or through +\-\-key-file argument) and batch-mode (\-q) is active, the +key-slot is removed without any other warning. + .PP \fIerase\fR <device> .br |