third-party-mirrors/tzpfms
1
0
Fork 0
mirror of https://git.sr.ht/~nabijaczleweli/tzpfms synced 2025-04-21 09:47:35 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Manpage update by job 608532

Browse Source
This commit is contained in:
наб autouploader 2021-10-15 21:38:48 +00:00
parent fc4094f424
commit 20b45eb784
16 changed files with 817 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
tzpfms.pdf Normal file
View File

Binary file not shown.

803
tzpfms.ps Normal file
View File

@ -0,0 +1,803 @@
%!PS-Adobe-3.0
%%Creator: groff version 1.22.4
%%CreationDate: Fri Oct 15 21:38:47 2021
%%DocumentNeededResources: font Times-Roman
%%+ font Times-Bold
%%+ font Courier-Bold
%%+ font Courier-Oblique
%%+ font Courier
%%+ font Symbol
%%+ font Times-Italic
%%DocumentSuppliedResources: procset grops 1.22 4
%%Pages: 10
%%PageOrder: Ascend
%%DocumentMedia: Default 595 842 0 () ()
%%Orientation: Portrait
%%EndComments
%%BeginDefaults
%%PageMedia: Default
%%EndDefaults
%%BeginProlog
%%BeginResource: procset grops 1.22 4
%!PS-Adobe-3.0 Resource-ProcSet
/setpacking where{
pop
currentpacking
true setpacking
}if
/grops 120 dict dup begin
/SC 32 def
/A/show load def
/B{0 SC 3 -1 roll widthshow}bind def
/C{0 exch ashow}bind def
/D{0 exch 0 SC 5 2 roll awidthshow}bind def
/E{0 rmoveto show}bind def
/F{0 rmoveto 0 SC 3 -1 roll widthshow}bind def
/G{0 rmoveto 0 exch ashow}bind def
/H{0 rmoveto 0 exch 0 SC 5 2 roll awidthshow}bind def
/I{0 exch rmoveto show}bind def
/J{0 exch rmoveto 0 SC 3 -1 roll widthshow}bind def
/K{0 exch rmoveto 0 exch ashow}bind def
/L{0 exch rmoveto 0 exch 0 SC 5 2 roll awidthshow}bind def
/M{rmoveto show}bind def
/N{rmoveto 0 SC 3 -1 roll widthshow}bind def
/O{rmoveto 0 exch ashow}bind def
/P{rmoveto 0 exch 0 SC 5 2 roll awidthshow}bind def
/Q{moveto show}bind def
/R{moveto 0 SC 3 -1 roll widthshow}bind def
/S{moveto 0 exch ashow}bind def
/T{moveto 0 exch 0 SC 5 2 roll awidthshow}bind def
/SF{
findfont exch
[exch dup 0 exch 0 exch neg 0 0]makefont
dup setfont
[exch/setfont cvx]cvx bind def
}bind def
/MF{
findfont
[5 2 roll
0 3 1 roll
neg 0 0]makefont
dup setfont
[exch/setfont cvx]cvx bind def
}bind def
/level0 0 def
/RES 0 def
/PL 0 def
/LS 0 def
/MANUAL{
statusdict begin/manualfeed true store end
}bind def
/PLG{
gsave newpath clippath pathbbox grestore
exch pop add exch pop
}bind def
/BP{
/level0 save def
1 setlinecap
1 setlinejoin
DEFS/BPhook known{DEFS begin BPhook end}if
72 RES div dup scale
LS{
90 rotate
}{
0 PL translate
}ifelse
1 -1 scale
}bind def
/EP{
level0 restore
showpage
}def
/DA{
newpath arcn stroke
}bind def
/SN{
transform
.25 sub exch .25 sub exch
round .25 add exch round .25 add exch
itransform
}bind def
/DL{
SN
moveto
SN
lineto stroke
}bind def
/DC{
newpath 0 360 arc closepath
}bind def
/TM matrix def
/DE{
TM currentmatrix pop
translate scale newpath 0 0 .5 0 360 arc closepath
TM setmatrix
}bind def
/RC/rcurveto load def
/RL/rlineto load def
/ST/stroke load def
/MT/moveto load def
/CL/closepath load def
/Fr{
setrgbcolor fill
}bind def
/setcmykcolor where{
pop
/Fk{
setcmykcolor fill
}bind def
}if
/Fg{
setgray fill
}bind def
/FL/fill load def
/LW/setlinewidth load def
/Cr/setrgbcolor load def
/setcmykcolor where{
pop
/Ck/setcmykcolor load def
}if
/Cg/setgray load def
/RE{
findfont
dup maxlength 1 index/FontName known not{1 add}if dict begin
{
1 index/FID ne
2 index/UniqueID ne
and
{def}{pop pop}ifelse
}forall
/Encoding exch def
dup/FontName exch def
currentdict end definefont pop
}bind def
/DEFS 0 def
/EBEGIN{
moveto
DEFS begin
}bind def
/EEND/end load def
/CNT 0 def
/level1 0 def
/PBEGIN{
/level1 save def
translate
div 3 1 roll div exch scale
neg exch neg exch translate
0 setgray
0 setlinecap
1 setlinewidth
0 setlinejoin
10 setmiterlimit
[]0 setdash
/setstrokeadjust where{
pop
false setstrokeadjust
}if
/setoverprint where{
pop
false setoverprint
}if
newpath
/CNT countdictstack def
userdict begin
/showpage{}def
/setpagedevice{}def
mark
}bind def
/PEND{
cleartomark
countdictstack CNT sub{end}repeat
level1 restore
}bind def
end def
/setpacking where{
pop
setpacking
}if
%%EndResource
%%EndProlog
%%BeginSetup
%%BeginFeature: *PageSize Default
<< /PageSize [ 595 842 ] /ImagingBBox null >> setpagedevice
%%EndFeature
%%IncludeResource: font Times-Roman
%%IncludeResource: font Times-Bold
%%IncludeResource: font Courier-Bold
%%IncludeResource: font Courier-Oblique
%%IncludeResource: font Courier
%%IncludeResource: font Symbol
%%IncludeResource: font Times-Italic
grops begin/DEFS 1 dict def DEFS begin/u{.001 mul}bind def end/RES 72
def/PL 841.89 def/LS false def/ENC0[/asciicircum/asciitilde/Scaron
/Zcaron/scaron/zcaron/Ydieresis/trademark/quotesingle/Euro/.notdef
/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef
/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef
/.notdef/.notdef/.notdef/space/exclam/quotedbl/numbersign/dollar/percent
/ampersand/quoteright/parenleft/parenright/asterisk/plus/comma/hyphen
/period/slash/zero/one/two/three/four/five/six/seven/eight/nine/colon
/semicolon/less/equal/greater/question/at/A/B/C/D/E/F/G/H/I/J/K/L/M/N/O
/P/Q/R/S/T/U/V/W/X/Y/Z/bracketleft/backslash/bracketright/circumflex
/underscore/quoteleft/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/x/y
/z/braceleft/bar/braceright/tilde/.notdef/quotesinglbase/guillemotleft
/guillemotright/bullet/florin/fraction/perthousand/dagger/daggerdbl
/endash/emdash/ff/fi/fl/ffi/ffl/dotlessi/dotlessj/grave/hungarumlaut
/dotaccent/breve/caron/ring/ogonek/quotedblleft/quotedblright/oe/lslash
/quotedblbase/OE/Lslash/.notdef/exclamdown/cent/sterling/currency/yen
/brokenbar/section/dieresis/copyright/ordfeminine/guilsinglleft
/logicalnot/minus/registered/macron/degree/plusminus/twosuperior
/threesuperior/acute/mu/paragraph/periodcentered/cedilla/onesuperior
/ordmasculine/guilsinglright/onequarter/onehalf/threequarters
/questiondown/Agrave/Aacute/Acircumflex/Atilde/Adieresis/Aring/AE
/Ccedilla/Egrave/Eacute/Ecircumflex/Edieresis/Igrave/Iacute/Icircumflex
/Idieresis/Eth/Ntilde/Ograve/Oacute/Ocircumflex/Otilde/Odieresis
/multiply/Oslash/Ugrave/Uacute/Ucircumflex/Udieresis/Yacute/Thorn
/germandbls/agrave/aacute/acircumflex/atilde/adieresis/aring/ae/ccedilla
/egrave/eacute/ecircumflex/edieresis/igrave/iacute/icircumflex/idieresis
/eth/ntilde/ograve/oacute/ocircumflex/otilde/odieresis/divide/oslash
/ugrave/uacute/ucircumflex/udieresis/yacute/thorn/ydieresis]def
/Times-Italic@0 ENC0/Times-Italic RE/Courier@0 ENC0/Courier RE
/Courier-Oblique@0 ENC0/Courier-Oblique RE/Courier-Bold@0 ENC0
/Courier-Bold RE/Times-Bold@0 ENC0/Times-Bold RE/Times-Roman@0 ENC0
/Times-Roman RE
%%EndSetup
%%Page: 1 1
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF -.834(ZFS-TPM-LIST \(8\))72 48 R
(System Manager')102.759 E 2.5(sM)-.55 G 97.759(anual ZFS-TPM-LIST)-2.5
F(\(8\))1.666 E/F1 10/Times-Bold@0 SF -.2(NA)72 96 S(ME).2 E/F2 10
/Courier-Bold@0 SF(zfs-tpm-list)102 108 Q F0 2.5<8a70>2.5 G
(rint dataset tzpfms metadata)-2.5 E F1(SYNOPSIS)72 132 Q F2
(zfs-tpm-list)102 144 Q F0([)3.333 E F2<ad48>2.499 E F0 3.333(][).833 G
F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E/F3 10/Courier-Oblique@0 SF(depth)
6 E F0 3.333(][).833 G F2<ad61>-.834 E F0(|)A F2<ad62>1.666 E F3
(back-end)6 E F0 3.333(][).833 G F2<ad75>-.834 E F0(|)A F2<ad6c>1.666 E
F0 2.5(][).833 G F3(filesystem)-2.5 E F0(|)A F3(volume)A F0 1.666(]...)C
F1(DESCRIPTION)72 168 Q F0(Lists the follo)102 180 Q
(wing properties on encryption roots:)-.25 E/F4 10/Courier@0 SF(name)132
192 Q(back-end)132 204 Q F0(the)191 204 Q F2(tzpfms)4.153 E F0 3.318
(back-end \()4.153 F(e.g.)1.666 E F1(TPM2)4.152 E F0(for)4.152 E F4
(zfs-tpm2-change-key)4.152 E F0 1.652(\(8\) or)B F1(TPM1.X)4.152 E F0
(for)191 216 Q F4(zfs-tpm1x-change-key)2.5 E F0 -.834(\(8\) \) ,)B(or ")
2.5 E F1(-)A F0 2.5("i)C 2.5(fn)-2.5 G(one is con\214gured)-2.5 E F4
(keystatus)132 228 Q F1 -2.1 -.25(av a)191 228 T(ilable).25 E F0(or)2.5
E F1(una)2.5 E -.1(va)-.25 G(ilable).1 E F4(coherent)132 240 Q F1 -.1
(ye)191 240 S(s).1 E F0 12.834(if either both)15.334 F F4
(xyz.nabijaczleweli:tzpfms.backend)15.334 E F0(and)15.334 E F4
(xyz.nabijaczleweli:tzpfms.key)191 252 Q F0(are present or missing,)2.5
E F1(no)2.5 E F0(otherwise)2.5 E 11.268(Incoherent datasets require imm\
ediate operator attention, with either the appropriate)102 270 R F2
(zfs-tpm)102 282 Q/F5 10/Symbol SF(*)A F2(-clear-key)A F0 .462
(program or)2.962 F F2 .462(zfs change-key)2.962 F F0(and)2.962 E F2
.462(zfs inherit)2.962 F F0 2.962<8a69>2.962 G 2.963(ft)-2.962 G .463
(he k)-2.963 F .763 -.15(ey b)-.1 H .463(ecomes un-).15 F 1.642
(loaded, the)102 294 R 4.142(yw)-.15 G 1.642
(ill require restoration from back-up.)-4.142 F(Ho)6.642 E(we)-.25 E
-.15(ve)-.25 G 2.441 -.4(r, t).15 H(he).4 E 4.141(ys)-.15 G 1.641
(hould ne)-4.141 F -.15(ve)-.25 G 4.141(ro).15 G(ccur)-4.141 E 4.141(,u)
-.4 G 1.641(nless something)-4.141 F
(went terribly wrong with the dataset properties.)102 306 Q .468
(If no datasets are speci\214ed, lists all matching encryption roots.)
102 324 R .468(The def)5.468 F .468
(ault \214lter is to list all roots managed)-.1 F(by)102 336 Q F2
(tzpfms)2.5 E F0(.)A F2(\255ab)6.666 E F0
(can be used to either list all roots or only ones back)2.5 E
(ed by a particular end, respecti)-.1 E -.15(ve)-.25 G(ly).15 E(.)-.65 E
F1(OPTIONS)72 360 Q F2<ad48>103.666 372 Q F0 .093(Scripting mode \212 d\
o not print headers and separate \214elds by a single tab instead of co\
lum-)173 372 R(nating with spaces.)173 384 Q F2<ad72>103.666 402 Q F0
(Recurse into all descendants of speci\214ed datasets.)173 402 Q F2
<ad64>103.666 414 Q F3(depth)6 E F0(Recurse at most)173 414 Q F3(depth)
2.5 E F0(datasets deep.)2.5 E(Def)5 E(ault:)-.1 E F1(0)2.5 E F0(.)A F2
<ad61>103.666 432 Q F0(List all encryption roots, e)173 432 Q -.15(ve)
-.25 G 2.5(no).15 G(nes not managed by)-2.5 E F2(tzpfms)2.5 E F0(.)A F2
<ad62>103.666 444 Q F3(back-end)6 E F0(List only encryption roots with)
173 456 Q F3(tzpfms)2.5 E F0(back-end)2.5 E F3(back-end)2.5 E F0(.)A F2
<ad6c>103.666 474 Q F0(List only encryption roots whose k)173 474 Q -.15
(ey)-.1 G 2.5(sa).15 G(re a)-2.5 E -.25(va)-.2 G(ilable.).25 E F2<ad79>
103.666 486 Q F0(List only encryption roots whose k)173 486 Q -.15(ey)
-.1 G 2.5(sa).15 G(re una)-2.5 E -.25(va)-.2 G(ilable.).25 E F1
(EXAMPLES)72 510 Q F4($)102 522 Q F2(zfs-tpm-list)6 E F4
(NAME BACK-END KEYSTATUS COHERENT)102 534 Q
(owo/venc TPM2 unavailable yes)102 546 Q(owo/enc TPM1.X available yes)
102 558 Q($)102 582 Q F2 1.666(zfs-tpm-list \255ad0)6 F F4
(NAME BACK-END KEYSTATUS COHERENT)102 594 Q(awa - available yes)102 606
Q($)102 630 Q F2 1.666(zfs-tpm-list \255b)6 F F1(TPM2)6 E F4
(NAME BACK-END KEYSTATUS COHERENT)102 642 Q
(owo/venc TPM2 unavailable yes)102 654 Q($)102 678 Q F2 1.666
(zfs-tpm-list \255ra)6 F F3(owo)6 E F4(NAME BACK-END KEYSTATUS COHERENT)
102 690 Q(owo/venc TPM2 unavailable yes)102 702 Q F0(tzpfms 0.1-6)72 750
Q(October 15, 2021)148.595 E(1)194.145 E 0 Cg EP
%%Page: 2 2
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF -.834(ZFS-TPM-LIST \(8\))72 48 R
(System Manager')102.759 E 2.5(sM)-.55 G 97.759(anual ZFS-TPM-LIST)-2.5
F(\(8\))1.666 E/F1 10/Courier@0 SF(owo/vtnc - available yes)102 96 Q
(owo/v nc - available yes)102 108 Q(owo/enc TPM1.X available yes)102 120
Q($)102 144 Q/F2 10/Courier-Bold@0 SF 1.666(zfs-tpm-list \255al)6 F F1
(NAME BACK-END KEYSTATUS COHERENT)102 156 Q(awa - available yes)102 168
Q(owo/vtnc - available yes)102 180 Q(owo/v nc - available yes)102 192 Q
(owo/enc TPM1.X available yes)102 204 Q/F3 10/Times-Bold@0 SF 1.666
(SPECIAL THANKS)72 228 R F0 1.6 -.8(To a)102 240 T
(ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
.15 E F3<83>122 252 Q F0(ThePhD)2.5 E F3<83>122 264 Q F0(Embark Studios)
2.5 E F3(REPOR)72 288 Q 1.666(TING B)-.4 F(UGS)-.1 E(https://todo.sr)102
300 Q(.ht/~nabijaczleweli/tzpfms)-1 E F1
(~nabijaczleweli/tzpfms@lists.sr.ht)102 318 Q F0 2.5(,a)C(rchi)-2.5 E
-.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F3(https://lists.sr)2.5 E
(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F3 1.666(SEE ALSO)72 342 R
(https://git.sr)102 354 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0
(tzpfms 0.1-6)72 750 Q(October 15, 2021)148.595 E(2)194.145 E 0 Cg EP
%%Page: 3 3
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF -.834(ZFS-TPM1X-CHANGE-KEY \(8\))72 48 R
(System Manager')46.109 E 2.5(sM)-.55 G 41.109
(anual ZFS-TPM1X-CHANGE-KEY)-2.5 F(\(8\))1.666 E/F1 10/Times-Bold@0 SF
-.2(NA)72 96 S(ME).2 E/F2 10/Courier-Bold@0 SF(zfs-tpm1x-change-key)102
108 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)-2.5 E .3 -.15(ey t)-.1 H
2.5(oo).15 G(ne stored on the TPM)-2.5 E F1(SYNOPSIS)72 132 Q F2
(zfs-tpm1x-change-key)102 144 Q F0([)3.333 E F2<ad62>2.499 E/F3 10
/Courier-Oblique@0 SF(backup-file)6 E F0(]).833 E F3(dataset)2.5 E F1
(DESCRIPTION)72 168 Q F0 4.76 -.8(To n)102 180 T 3.16(ormalise the).8 F
F3(dataset)5.66 E F0(,)A F2(zfs-tpm1x-change-key)5.66 E F0 3.16
(will open its encryption root in its stead.)5.66 F F2
(zfs-tpm1x-change-key)102 192 Q F0(will)3.264 E/F4 10/Times-Italic@0 SF
(ne)3.264 E(ver)-.15 E F0 .764(create or destro)3.264 F 3.264(ye)-.1 G
.764(ncryption roots; use)-3.264 F/F5 10/Courier@0 SF(zfs-change-key)
3.264 E F0 .764(\(8\) for)B(that.)102 204 Q
(First, a connection is made to the TPM, which)102 222 Q F4(must)2.5 E
F0(be TPM-1.X-compatible.)2.5 E(If)102 240 Q F3(dataset)2.553 E F0 -.1
(wa)2.553 G 2.553(sp).1 G(re)-2.553 E .053(viously encrypted with)-.25 F
F2(tzpfms)2.553 E F0 .053(and the)2.553 F F1(TPM1.X)2.553 E F0 .054
(back-end w)2.553 F .054(as used, the metadata will)-.1 F .203
(be silently cleared.)102 252 R .203(Otherwise, or in case of an error)
5.203 F 2.703(,d)-.4 G .203(ata required for manual interv)-2.703 F .202
(ention will be printed to)-.15 F(the standard error stream.)102 264 Q
(Ne)102 282 Q .519(xt, a ne)-.15 F 3.019(ww)-.25 G .519(rapping k)-3.019
F .819 -.15(ey i)-.1 H 3.019(sb).15 G 3.019(eg)-3.019 G .519
(enerated on the TPM, optionally back)-3.019 F .519(ed up)-.1 F 1.666
(\(s)4.685 G(ee)-1.666 E F1(OPTIONS)3.02 E F0 -2.812 1.666(\), a)1.666 H
.52(nd sealed)-1.666 F 1.782(on the TPM; the user is prompted for an op\
tional passphrase to protect the k)102 294 R 2.081 -.15(ey w)-.1 H 1.781
(ith, and for the SRK).15 F(passphrase, set when taking o)102 306 Q
(wnership, if it is not "well-kno)-.25 E(wn" \(all zeroes\).)-.25 E
(The follo)102 324 Q(wing properties are set on)-.25 E F3(dataset)2.5 E
F0(:)A F1<83>122 336 Q F5(xyz.nabijaczleweli:tzpfms.backend)2.5 E F0(=)A
F1(TPM1.X)A<83>122 348 Q F5(xyz.nabijaczleweli:tzpfms.key)2.5 E F0(=)A
F3(parent-key-blob)A F2(:)A F3(sealed-object-blob)A F5(tzpfms.backend)
102 366 Q F0 2.231(identi\214es this dataset for w)4.73 F 2.231
(ork with)-.1 F F1(TPM1.X)4.731 E F0(-back-ended)A F2(tzpfms)4.731 E F0
3.897(tools \()4.731 F(namely)1.666 E F5(zfs-tpm1x-change-key)102 378 Q
F0(\(8\),)A F5(zfs-tpm1x-load-key)2.5 E F0(\(8\), and)A F5
(zfs-tpm1x-clear-key)2.5 E F0 -.834(\(8\) \) .)B F5(tzpfms.key)102 396 Q
F0 .334(is a colon-separated pair of he)2.834 F .333
(xadecimal-string \(i.e. "4F7730" for "Ow0"\) blobs; the \214rst one)
-.15 F .676(represents the RSA k)102 408 R .976 -.15(ey p)-.1 H .676
(rotecting the blob, and it is protected with either the passw).15 F
.676(ord, if pro)-.1 F .677(vided, or the)-.15 F .236(SHA1 constant)102
420 R F5(CE4CF677875B5EB8993591D5A9AF1ED24A3A8736)2.736 E F0 2.736(;t)C
.236(he second represents the sealed)-2.736 F 11.923
(object containing the wrapping k)102 432 R -.15(ey)-.1 G 14.424(,a)-.5
G 11.924(nd is protected with the SHA1 constant)-14.424 F F5
(B9EE715DBE4B243FAA81EA04306E063710383E35)102 444 Q F0 7.438(.T)C 2.438
(here e)-7.438 F 2.438(xists no other user)-.15 F 2.437
(-land tool for de-)-.2 F(crypting this; perhaps there should be.)102
456 Q(Finally)102 474 Q 4.14(,t)-.65 G 1.641(he equi)-4.14 F -.25(va)
-.25 G 1.641(lent of).25 F F2 1.641(zfs change-key)4.141 F<ad6f>9.307 E
F5(keylocation=prompt)7.641 E F2<ad6f>9.307 E F5(keyformat=raw)7.641 E
F3(dataset)102 486 Q F0 .118(is performed with the ne)2.618 F 2.618(wk)
-.25 G -.15(ey)-2.718 G 5.118(.I)-.5 G 2.617(fa)-5.118 G 2.617(ne)-2.617
G .117(rror occurred, best ef)-2.617 F .117
(fort is made to clean up the properties,)-.25 F
(or to issue a note for manual interv)102 498 Q
(ention into the standard error stream.)-.15 E 3.911<418c>102 516 S
1.411(nal v)-3.911 F 1.411(eri\214cation should be made by running)-.15
F F2 3.077(zfs-tpm1x-load-key \255n)3.911 F F3(dataset)7.411 E F0 6.411
(.I)C 3.911(ft)-6.411 G 1.412(hat com-)-3.911 F 2.176
(mand succeeds, all is well, b)102 528 R 2.175
(ut otherwise the dataset can be manually rolled back to a passw)-.2 F
2.175(ord with)-.1 F F2(zfs-tpm1x-clear-key)102 540 Q F3(dataset)12.878
E F0 1.666(\(o)11.044 G 7.678 -.4(r, i)-1.666 H 9.378(ft).4 G 6.878
(hat f)-9.378 F 6.878(ails to w)-.1 F(ork,)-.1 E F2 6.879
(zfs change-key)9.378 F<ad6f>14.545 E F5(keyformat=passphrase)102 552 Q
F3(dataset)6 E F0 -3.332 1.666(\), a)1.666 H(nd you are hereby ask)
-1.666 E(ed to report a b)-.1 E(ug, please.)-.2 E F2
(zfs-tpm1x-clear-key)102 570 Q F3(dataset)6 E F0
(can be used to clear the properties and go back to using a passw)2.5 E
(ord.)-.1 E F1(OPTIONS)72 594 Q F2<ad62>103.666 606 Q F3(backup-file)6 E
F0(Sa)191 618 Q .806 -.15(ve a b)-.2 H .506(ack-up of the k).15 F .805
-.15(ey t)-.1 H(o).15 E F3(backup-file)3.005 E F0 3.005(,w)C .505
(hich must not e)-3.005 F .505(xist beforehand.)-.15 F(This)5.505 E
(back-up)191 630 Q F4(must)3.181 E F0 .681(be stored securely)3.181 F
3.181(,o)-.65 G -.25(ff)-3.181 G 3.181(-site. In).25 F .682
(case of a catastrophic e)3.181 F -.15(ve)-.25 G .682(nt, the k).15 F
.982 -.15(ey c)-.1 H(an).15 E(be loaded by running)191 642 Q F2
(zfs load-key)221 654 Q F3(dataset)6 E F5(<)6 E F3(backup-file)6 E F1
1.666(TPM1.X back-end con\214guration)72 678 R F0(tzpfms 0.1-6)72 750 Q
(October 15, 2021)148.595 E(3)194.145 E 0 Cg EP
%%Page: 4 4
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF -.834(ZFS-TPM1X-CHANGE-KEY \(8\))72 48 R
(System Manager')46.109 E 2.5(sM)-.55 G 41.109
(anual ZFS-TPM1X-CHANGE-KEY)-2.5 F(\(8\))1.666 E/F1 10/Times-Bold@0 SF
.625(TPM selection)84 96 R F0(The)102 108 Q/F2 10/Courier-Bold@0 SF
(tzpfms)2.768 E F0 .267(suite connects to a local)2.767 F/F3 10
/Courier@0 SF(tcsd)2.767 E F0 .267(\(8\) process)B 1.666(\(a)4.433 G(t)
-1.666 E F3(localhost:30003)2.767 E F0 4.433(\)b)1.666 G 2.767(yd)-4.433
G(ef)-2.767 E 2.767(ault. Use)-.1 F .267(the en-)2.767 F(vironment v)102
120 Q(ariable)-.25 E F3(TZPFMS_TPM1X)2.5 E F0
(to specify a remote TCS hostname.)2.5 E .391(The T)102 138 R(rouSerS)
-.35 E F3(tcsd)2.891 E F0 .391(\(8\) daemon will try)B F3(/dev/tpm0)
2.892 E F0 2.892(,t)C(hen)-2.892 E F3(/udev/tpm0)2.892 E F0 2.892(,t)C
(hen)-2.892 E F3(/dev/tpm)2.892 E F0 2.892(;b)C 2.892(yo)-2.892 G(ccup)
-2.892 E(ying)-.1 E(one of the earlier ones with, for e)102 150 Q
(xample, shell redirection, a later one can be selected.)-.15 E F1 .625
(See also)84 174 R F0(The T)102 186 Q(rouSerS project page at)-.35 E F1
(https://sour)2.5 E(cef)-.18 E(or)-.25 E(ge.net/pr)-.1 E(ojects/tr)-.18
E(ousers)-.18 E F0(.)A 5.109(The TPM 1.2 main speci\214cation inde)102
204 R 7.608(xa)-.15 G(t)-7.608 E F1(https://trustedcomputinggr)7.608 E
(oup.or)-.18 E(g/r)-.1 E(esour)-.18 E(ce/tpm-main-)-.18 E
(speci\214cation)102 216 Q F0(.)A F1 1.666(SPECIAL THANKS)72 240 R F0
1.6 -.8(To a)102 252 T(ll who support further de).8 E -.15(ve)-.25 G
(lopment, in particular:).15 E F1<83>122 264 Q F0(ThePhD)2.5 E F1<83>122
276 Q F0(Embark Studios)2.5 E F1(REPOR)72 300 Q 1.666(TING B)-.4 F(UGS)
-.1 E(https://todo.sr)102 312 Q(.ht/~nabijaczleweli/tzpfms)-1 E F3
(~nabijaczleweli/tzpfms@lists.sr.ht)102 330 Q F0 2.5(,a)C(rchi)-2.5 E
-.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr)2.5 E
(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 354 R
(https://git.sr)102 366 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0
(tzpfms 0.1-6)72 750 Q(October 15, 2021)148.595 E(4)194.145 E 0 Cg EP
%%Page: 5 5
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF -.834(ZFS-TPM1X-CLEAR-KEY \(8\))72 48 R
(System Manager')54.989 E 2.5(sM)-.55 G 49.989
(anual ZFS-TPM1X-CLEAR-KEY)-2.5 F(\(8\))1.666 E/F1 10/Times-Bold@0 SF
-.2(NA)72 96 S(ME).2 E/F2 10/Courier-Bold@0 SF(zfs-tpm1x-clear-key)102
108 Q F0 2.5<8a72>2.5 G -.25(ew)-2.5 G(rap ZFS dataset k).25 E .3 -.15
(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
(ord and clear tzpfms TPM1.X metadata)-.1 E F1(SYNOPSIS)72 132 Q F2
(zfs-tpm1x-clear-key)102 144 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5 E
F1(DESCRIPTION)72 168 Q F0(After v)102 180 Q(erifying)-.15 E F3(dataset)
2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G(ncrypted with)-2.5 E F2(tzpfms)2.5 E
F0(back)2.5 E(end)-.1 E F1(TPM1.X)2.5 E F0(:)A 6.984
(1. performs the equi)122 192 R -.25(va)-.25 G 6.984(lent of).25 F F2
6.984(zfs change-key)9.484 F<ad6f>14.65 E/F4 10/Courier@0 SF
(keylocation=prompt)12.985 E F2<ad6f>14.651 E F4(keyformat=passphrase)
127 204 Q F3(dataset)6 E F0(,)A(2. remo)122 216 Q -.15(ve)-.15 G 2.5(st)
.15 G(he)-2.5 E F4(xyz.nabijaczleweli:tzpfms.)2.5 E F0({)A F4(backend)A
F0(,)A F4(key)6 E F0 2.5(}p)C(roperties from)-2.5 E F3(dataset)2.5 E F0
(.)A(See)102 234 Q F4(zfs-tpm1x-change-key)2.5 E F0
(\(8\) for a detailed description.)A F1 1.666
(TPM1.X back-end con\214guration)72 258 R .625(TPM selection)84 270 R F0
(The)102 282 Q F2(tzpfms)2.768 E F0 .267(suite connects to a local)2.767
F F4(tcsd)2.767 E F0 .267(\(8\) process)B 1.666(\(a)4.433 G(t)-1.666 E
F4(localhost:30003)2.767 E F0 4.433(\)b)1.666 G 2.767(yd)-4.433 G(ef)
-2.767 E 2.767(ault. Use)-.1 F .267(the en-)2.767 F(vironment v)102 294
Q(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
(to specify a remote TCS hostname.)2.5 E .391(The T)102 312 R(rouSerS)
-.35 E F4(tcsd)2.891 E F0 .391(\(8\) daemon will try)B F4(/dev/tpm0)
2.892 E F0 2.892(,t)C(hen)-2.892 E F4(/udev/tpm0)2.892 E F0 2.892(,t)C
(hen)-2.892 E F4(/dev/tpm)2.892 E F0 2.892(;b)C 2.892(yo)-2.892 G(ccup)
-2.892 E(ying)-.1 E(one of the earlier ones with, for e)102 324 Q
(xample, shell redirection, a later one can be selected.)-.15 E F1 .625
(See also)84 348 R F0(The T)102 360 Q(rouSerS project page at)-.35 E F1
(https://sour)2.5 E(cef)-.18 E(or)-.25 E(ge.net/pr)-.1 E(ojects/tr)-.18
E(ousers)-.18 E F0(.)A 5.109(The TPM 1.2 main speci\214cation inde)102
378 R 7.608(xa)-.15 G(t)-7.608 E F1(https://trustedcomputinggr)7.608 E
(oup.or)-.18 E(g/r)-.1 E(esour)-.18 E(ce/tpm-main-)-.18 E
(speci\214cation)102 390 Q F0(.)A F1 1.666(SPECIAL THANKS)72 414 R F0
1.6 -.8(To a)102 426 T(ll who support further de).8 E -.15(ve)-.25 G
(lopment, in particular:).15 E F1<83>122 438 Q F0(ThePhD)2.5 E F1<83>122
450 Q F0(Embark Studios)2.5 E F1(REPOR)72 474 Q 1.666(TING B)-.4 F(UGS)
-.1 E(https://todo.sr)102 486 Q(.ht/~nabijaczleweli/tzpfms)-1 E F4
(~nabijaczleweli/tzpfms@lists.sr.ht)102 504 Q F0 2.5(,a)C(rchi)-2.5 E
-.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr)2.5 E
(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 528 R
(https://git.sr)102 540 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0
(tzpfms 0.1-6)72 750 Q(October 15, 2021)148.595 E(5)194.145 E 0 Cg EP
%%Page: 6 6
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF(ZFS-TPM1X-LO)72 48 Q -.834(AD-KEY \(8\))-.35 F
(System Manager')60.349 E 2.5(sM)-.55 G 55.349(anual ZFS-TPM1X-LO)-2.5 F
-.834(AD-KEY \(8\))-.35 F/F1 10/Times-Bold@0 SF -.2(NA)72 96 S(ME).2 E
/F2 10/Courier-Bold@0 SF(zfs-tpm1x-load-key)102 108 Q F0 2.5<8a6c>2.5 G
(oad tzpfms TPM1.X-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1
(SYNOPSIS)72 132 Q F2(zfs-tpm1x-load-key)102 144 Q F0([)3.333 E F2<ad6e>
2.499 E F0(]).833 E/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
(DESCRIPTION)72 168 Q F0 1.155(After v)102 180 R(erifying)-.15 E F3
(dataset)3.655 E F0 -.1(wa)3.655 G 3.655(se).1 G 1.155(ncrypted with)
-3.655 F F2(tzpfms)3.655 E F0(back)3.655 E(end)-.1 E F1(TPM1.X)3.655 E
F0 1.156(will unseal the k)3.655 F 1.456 -.15(ey a)-.1 H 1.156
(nd load it).15 F(into)102 192 Q F3(dataset)2.5 E F0(.)A .422
(The user is prompted for)102 210 R 2.922<2c8c>-.4 G .422
(rst, the SRK passphrase, set when taking o)-2.922 F .422
(wnership, if it')-.25 F 2.921(sn)-.55 G .421(ot "well-kno)-2.921 F .421
(wn" \(all)-.25 F
(zeroes\), then the additional passphrase set when creating the k)102
222 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5(fi)-2.5 G 2.5(tw)-2.5 G(as pro)-2.6
E(vided.)-.15 E(See)102 240 Q/F4 10/Courier@0 SF(zfs-tpm1x-change-key)
2.5 E F0(\(8\) for a detailed description.)A F1(OPTIONS)72 264 Q F2
<ad6e>103.666 276 Q F0 .178(Do a no-op/dry run, can be used e)119 288 R
-.15(ve)-.25 G 2.678(ni).15 G 2.679(ft)-2.678 G .179(he k)-2.679 F .479
-.15(ey i)-.1 H 2.679(sa).15 G .179(lready loaded.)-2.679 F(Equi)5.179 E
-.25(va)-.25 G .179(lent to).25 F F2 .179(zfs load-key)2.679 F F0 -.55
('s)C F2<ad6e>4.895 E F0(option.)119 300 Q F1 1.666
(TPM1.X back-end con\214guration)72 324 R .625(TPM selection)84 336 R F0
(The)102 348 Q F2(tzpfms)2.768 E F0 .267(suite connects to a local)2.767
F F4(tcsd)2.767 E F0 .267(\(8\) process)B 1.666(\(a)4.433 G(t)-1.666 E
F4(localhost:30003)2.767 E F0 4.433(\)b)1.666 G 2.767(yd)-4.433 G(ef)
-2.767 E 2.767(ault. Use)-.1 F .267(the en-)2.767 F(vironment v)102 360
Q(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
(to specify a remote TCS hostname.)2.5 E .391(The T)102 378 R(rouSerS)
-.35 E F4(tcsd)2.891 E F0 .391(\(8\) daemon will try)B F4(/dev/tpm0)
2.892 E F0 2.892(,t)C(hen)-2.892 E F4(/udev/tpm0)2.892 E F0 2.892(,t)C
(hen)-2.892 E F4(/dev/tpm)2.892 E F0 2.892(;b)C 2.892(yo)-2.892 G(ccup)
-2.892 E(ying)-.1 E(one of the earlier ones with, for e)102 390 Q
(xample, shell redirection, a later one can be selected.)-.15 E F1 .625
(See also)84 414 R F0(The T)102 426 Q(rouSerS project page at)-.35 E F1
(https://sour)2.5 E(cef)-.18 E(or)-.25 E(ge.net/pr)-.1 E(ojects/tr)-.18
E(ousers)-.18 E F0(.)A 5.109(The TPM 1.2 main speci\214cation inde)102
444 R 7.608(xa)-.15 G(t)-7.608 E F1(https://trustedcomputinggr)7.608 E
(oup.or)-.18 E(g/r)-.1 E(esour)-.18 E(ce/tpm-main-)-.18 E
(speci\214cation)102 456 Q F0(.)A F1 1.666(SPECIAL THANKS)72 480 R F0
1.6 -.8(To a)102 492 T(ll who support further de).8 E -.15(ve)-.25 G
(lopment, in particular:).15 E F1<83>122 504 Q F0(ThePhD)2.5 E F1<83>122
516 Q F0(Embark Studios)2.5 E F1(REPOR)72 540 Q 1.666(TING B)-.4 F(UGS)
-.1 E(https://todo.sr)102 552 Q(.ht/~nabijaczleweli/tzpfms)-1 E F4
(~nabijaczleweli/tzpfms@lists.sr.ht)102 570 Q F0 2.5(,a)C(rchi)-2.5 E
-.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr)2.5 E
(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 594 R
(https://git.sr)102 606 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0
(tzpfms 0.1-6)72 750 Q(October 15, 2021)148.595 E(6)194.145 E 0 Cg EP
%%Page: 7 7
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF -.834(ZFS-TPM2-CHANGE-KEY \(8\))72 48 R
(System Manager')53.329 E 2.5(sM)-.55 G 48.329
(anual ZFS-TPM2-CHANGE-KEY)-2.5 F(\(8\))1.666 E/F1 10/Times-Bold@0 SF
-.2(NA)72 96 S(ME).2 E/F2 10/Courier-Bold@0 SF(zfs-tpm2-change-key)102
108 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)-2.5 E .3 -.15(ey t)-.1 H
2.5(oo).15 G(ne stored on the TPM)-2.5 E F1(SYNOPSIS)72 132 Q F2
(zfs-tpm2-change-key)102 144 Q F0([)3.333 E F2<ad62>2.499 E/F3 10
/Courier-Oblique@0 SF(backup-file)6 E F0(]).833 E F3(dataset)2.5 E F1
(DESCRIPTION)72 168 Q F0 6.93 -.8(To n)102 180 T(ormalise).8 E F3
(dataset)7.831 E F0(,)A F2(zfs-tpm2-change-key)7.831 E F0 5.331
(will open its encryption root in its stead.)7.831 F F2
(zfs-tpm2-change-key)102 192 Q F0(will)3.864 E/F4 10/Times-Italic@0 SF
(ne)3.864 E(ver)-.15 E F0 1.364(create or destro)3.864 F 3.864(ye)-.1 G
1.364(ncryption roots; use)-3.864 F/F5 10/Courier@0 SF(zfs-change-key)
3.864 E F0 1.364(\(8\) for)B(that.)102 204 Q
(First, a connection is made to the TPM, which)102 222 Q F4(must)2.5 E
F0(be TPM-2.0-compatible.)2.5 E(If)102 240 Q F3(dataset)3.42 E F0 -.1
(wa)3.42 G 3.42(sp).1 G(re)-3.42 E .92(viously encrypted with)-.25 F F2
(tzpfms)3.42 E F0 .92(and the)3.42 F F1(TPM2)3.42 E F0 .92(back-end w)
3.42 F .92(as used, the pre)-.1 F .92(vious k)-.25 F -.15(ey)-.1 G .382
(will be freed from the TPM.)102 252 R .382
(Otherwise, or in case of an error)5.382 F 2.882(,d)-.4 G .382
(ata required for manual interv)-2.882 F .382(ention will be)-.15 F
(printed to the standard error stream.)102 264 Q(Ne)102 282 Q .519
(xt, a ne)-.15 F 3.019(ww)-.25 G .519(rapping k)-3.019 F .819 -.15(ey i)
-.1 H 3.019(sb).15 G 3.019(eg)-3.019 G .519
(enerated on the TPM, optionally back)-3.019 F .519(ed up)-.1 F 1.666
(\(s)4.685 G(ee)-1.666 E F1(OPTIONS)3.02 E F0 -2.812 1.666(\), a)1.666 H
.52(nd sealed)-1.666 F .248
(to a persistent object on the TPM under the o)102 294 R .248
(wner hierarch)-.25 F .248(y; if there is a passphrase set on the o)-.05
F .248(wner hierar)-.25 F(-)-.2 E(ch)102 306 Q 1.772 -.65(y, t)-.05 H
.472(he user is prompted for it; the user is al).65 F -.1(wa)-.1 G .472
(ys prompted for an optional passphrase to protect the sealed).1 F
(object with.)102 318 Q(The follo)102 336 Q(wing properties are set on)
-.25 E F3(dataset)2.5 E F0(:)A F1<83>122 348 Q F5
(xyz.nabijaczleweli:tzpfms.backend)2.5 E F0(=)A F1(TPM2)A<83>122 360 Q
F5(xyz.nabijaczleweli:tzpfms.key)2.5 E F0(=)A F3
(ID of persistent object)A F5(tzpfms.backend)102 378 Q F0 3.203
(identi\214es this dataset for w)5.703 F 3.203(ork with)-.1 F F1(TPM2)
5.703 E F0(-back-ended)A F2(tzpfms)5.703 E F0 4.868(tools \()5.702 F
(namely)1.666 E F5(zfs-tpm2-change-key)102 390 Q F0(\(8\),)A F5
(zfs-tpm2-load-key)2.5 E F0(\(8\), and)A F5(zfs-tpm2-clear-key)2.5 E F0
-.834(\(8\) \) .)B F5(tzpfms.key)102 408 Q F0 1.11(is an inte)3.61 F
1.111
(ger representing the sealed object; if needed, it can be passed to)-.15
F F2(tpm2_unseal)3.611 E<ad63>103.666 420 Q F5(${tzpfms.key})6.032 E F0
([)6.865 E F2<ad70>2.499 E F5(${password})6.032 E F0 2.532(]o).833 G
2.532(re)-2.532 G(qui)-2.532 E -.25(va)-.25 G .032(lent for back-up).25
F 1.666(\(s)4.198 G(ee)-1.666 E F1(OPTIONS)2.532 E F0 -.8 1.666(\). I)
1.666 H 2.532(fy)-1.666 G .032(ou ha)-2.532 F .331 -.15(ve a)-.2 H .434
(sealed k)102 432 R .734 -.15(ey y)-.1 H .434
(ou can access with that or equi).15 F -.25(va)-.25 G .435
(lent tool and set both of these properties, it will funxion seam-).25 F
(lessly)102 444 Q(.)-.65 E(Finally)102 462 Q 4.141(,t)-.65 G 1.641
(he equi)-4.141 F -.25(va)-.25 G 1.641(lent of).25 F F2 1.641
(zfs change-key)4.141 F<ad6f>9.307 E F5(keylocation=prompt)7.641 E F2
<ad6f>9.307 E F5(keyformat=raw)7.64 E F3(dataset)102 474 Q F0 .336
(is performed with the ne)2.836 F 2.836(wk)-.25 G -.15(ey)-2.936 G 5.336
(.I)-.5 G 2.836(fa)-5.336 G 2.836(ne)-2.836 G .336
(rror occurred, best ef)-2.836 F .337
(fort is made to clean up the persistent)-.25 F
(object and properties, or to issue a note for manual interv)102 486 Q
(ention into the standard error stream.)-.15 E 2.92<418c>102 504 S .42
(nal v)-2.92 F .42(eri\214cation should be made by running)-.15 F F2
2.085(zfs-tpm2-load-key \255n)2.919 F F3(dataset)6.419 E F0 5.419(.I)C
2.919(ft)-5.419 G .419(hat command)-2.919 F 3.856
(succeeds, all is well, b)102 516 R 3.856
(ut otherwise the dataset can be manually rolled back to a passw)-.2 F
3.857(ord with)-.1 F F2(zfs-tpm2-clear-key)102 528 Q F3(dataset)13.479 E
F0 1.666(\(o)11.645 G 8.278 -.4(r, i)-1.666 H 9.978(ft).4 G 7.478(hat f)
-9.978 F 7.478(ails to w)-.1 F(ork,)-.1 E F2 7.478(zfs change-key)9.978
F<ad6f>15.144 E F5(keyformat=passphrase)102 540 Q F3(dataset)6 E F0
-3.332 1.666(\), a)1.666 H(nd you are hereby ask)-1.666 E
(ed to report a b)-.1 E(ug, please.)-.2 E F2(zfs-tpm2-clear-key)102 558
Q F3(dataset)6.423 E F0 .423
(can be used to free the TPM persistent object and go back to using a)
2.923 F(passw)102 570 Q(ord.)-.1 E F1(OPTIONS)72 594 Q F2<ad62>103.666
606 Q F3(backup-file)6 E F0(Sa)191 618 Q .806 -.15(ve a b)-.2 H .506
(ack-up of the k).15 F .805 -.15(ey t)-.1 H(o).15 E F3(backup-file)3.005
E F0 3.005(,w)C .505(hich must not e)-3.005 F .505(xist beforehand.)-.15
F(This)5.505 E(back-up)191 630 Q F4(must)3.181 E F0 .681
(be stored securely)3.181 F 3.181(,o)-.65 G -.25(ff)-3.181 G 3.181
(-site. In).25 F .682(case of a catastrophic e)3.181 F -.15(ve)-.25 G
.682(nt, the k).15 F .982 -.15(ey c)-.1 H(an).15 E(be loaded by running)
191 642 Q F2(zfs load-key)221 654 Q F3(dataset)6 E F5(<)6 E F3
(backup-file)6 E F1 1.666(TPM2 back-end con\214guration)72 678 R F0
(tzpfms 0.1-6)72 750 Q(October 15, 2021)148.595 E(7)194.145 E 0 Cg EP
%%Page: 8 8
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF -.834(ZFS-TPM2-CHANGE-KEY \(8\))72 48 R
(System Manager')53.329 E 2.5(sM)-.55 G 48.329
(anual ZFS-TPM2-CHANGE-KEY)-2.5 F(\(8\))1.666 E/F1 10/Times-Bold@0 SF
(En)84 96 Q(vir)-.4 E .625(onment v)-.18 F(ariables)-.1 E/F2 10
/Courier@0 SF(TSS2_LOG)102 108 Q F0(An)155 108 Q 2.5(yo)-.15 G(f:)-2.5 E
F1(NONE)2.5 E F0(,)A F1(ERR)2.5 E(OR)-.3 E F0(,)A F1 -1.2(WA)2.5 G
(RNING)1.2 E F0(,)A F1(INFO)2.5 E F0(,)A F1(DEB)2.5 E(UG)-.1 E F0(,)A F1
(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E(ault:)-.1 E F1 -1.2(WA)2.5 G
(RNING)1.2 E F0(.)A F1 .625(TPM selection)84 132 R F0 .517(The library)
102 144 R/F3 10/Courier-Bold@0 SF(libtss2-tcti-default.so)3.017 E F0
.517(can be link)3.017 F .516(ed to an)-.1 F 3.016(yo)-.15 G 3.016(ft)
-3.016 G(he)-3.016 E F2(libtss2-tcti-)3.016 E/F4 10/Symbol SF(*)A F2
(.so)A F0(libraries)3.016 E .575(to select the def)102 156 R .576
(ault, otherwise)-.1 F F2(/dev/tpmrm0)3.076 E F0 3.076(,t)C(hen)-3.076 E
F2(/dev/tpm0)3.076 E F0 3.076(,t)C(hen)-3.076 E F2(localhost:2321)3.076
E F0 .576(will be tried,)3.076 F(in order)102 168 Q 1.666(\(s)4.166 G
(ee)-1.666 E F2(ESYS_CONTEXT)2.5 E F0 -.834(\(3\) \) .)B F1 .625
(See also)84 192 R F0 3.488(The tpm2-tss git repository at)102 204 R F1
(https://github)5.988 E(.com/tpm2-softwar)-.4 E(e/tpm2-tss)-.18 E F0
3.487(and the documentation at)5.988 F F1(https://tpm2-tss.r)102 216 Q
(eadthedocs.io)-.18 E F0(.)A 3.092
(The TPM 2.0 speci\214cations, mainly at)102 234 R F1
(https://trustedcomputinggr)5.592 E(oup.or)-.18 E
(g/wp-content/uploads/TPM-)-.1 E(Re)102 246 Q(v-2.0-P)-.15 E(art-1-Ar)
-.1 E(chitectur)-.18 E(e-01.38.pdf)-.18 E F0(and related pages.)2.5 E F1
1.666(SPECIAL THANKS)72 270 R F0 1.6 -.8(To a)102 282 T
(ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
.15 E F1<83>122 294 Q F0(ThePhD)2.5 E F1<83>122 306 Q F0(Embark Studios)
2.5 E F1(REPOR)72 330 Q 1.666(TING B)-.4 F(UGS)-.1 E(https://todo.sr)102
342 Q(.ht/~nabijaczleweli/tzpfms)-1 E F2
(~nabijaczleweli/tzpfms@lists.sr.ht)102 360 Q F0 2.5(,a)C(rchi)-2.5 E
-.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr)2.5 E
(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 384 R F2
(tpm2_unseal)102 396 Q F0(\(1\))A F1(https://git.sr)102 414 Q
(.ht/~nabijaczleweli/tzpfms)-1 E F0(tzpfms 0.1-6)72 750 Q
(October 15, 2021)148.595 E(8)194.145 E 0 Cg EP
%%Page: 9 9
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF -.834(ZFS-TPM2-CLEAR-KEY \(8\))72 48 R
(System Manager')62.209 E 2.5(sM)-.55 G 57.209(anual ZFS-TPM2-CLEAR-KEY)
-2.5 F(\(8\))1.666 E/F1 10/Times-Bold@0 SF -.2(NA)72 96 S(ME).2 E/F2 10
/Courier-Bold@0 SF(zfs-tpm2-clear-key)102 108 Q F0 2.5<8a72>2.5 G -.25
(ew)-2.5 G(rap ZFS dataset k).25 E .3 -.15(ey i)-.1 H 2.5(np).15 G
(asssw)-2.5 E(ord and clear tzpfms TPM2 metadata)-.1 E F1(SYNOPSIS)72
132 Q F2(zfs-tpm2-clear-key)102 144 Q/F3 10/Courier-Oblique@0 SF
(dataset)2.5 E F1(DESCRIPTION)72 168 Q F0(After v)102 180 Q(erifying)
-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G(ncrypted with)-2.5 E
F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)2.5 E F0(:)A 6.985
(1. performs the equi)122 192 R -.25(va)-.25 G 6.984(lent of).25 F F2
6.984(zfs change-key)9.484 F<ad6f>14.65 E/F4 10/Courier@0 SF
(keylocation=prompt)12.984 E F2<ad6f>14.65 E F4(keyformat=passphrase)127
204 Q F3(dataset)6 E F0(,)A(2. frees the sealed k)122 216 Q .3 -.15
(ey p)-.1 H(re).15 E(viously used to encrypt)-.25 E F3(dataset)2.5 E F0
(,)A(3. remo)122 228 Q -.15(ve)-.15 G 2.5(st).15 G(he)-2.5 E F4
(xyz.nabijaczleweli:tzpfms.)2.5 E F0({)A F4(backend)A F0(,)A F4(key)6 E
F0 2.5(}p)C(roperties from)-2.5 E F3(dataset)2.5 E F0(.)A(See)102 246 Q
F4(zfs-tpm2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
1.666(TPM2 back-end con\214guration)72 270 R(En)84 282 Q(vir)-.4 E .625
(onment v)-.18 F(ariables)-.1 E F4(TSS2_LOG)102 294 Q F0(An)155 294 Q
2.5(yo)-.15 G(f:)-2.5 E F1(NONE)2.5 E F0(,)A F1(ERR)2.5 E(OR)-.3 E F0(,)
A F1 -1.2(WA)2.5 G(RNING)1.2 E F0(,)A F1(INFO)2.5 E F0(,)A F1(DEB)2.5 E
(UG)-.1 E F0(,)A F1(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E(ault:)-.1 E F1
-1.2(WA)2.5 G(RNING)1.2 E F0(.)A F1 .625(TPM selection)84 318 R F0 .516
(The library)102 330 R F2(libtss2-tcti-default.so)3.016 E F0 .516
(can be link)3.016 F .516(ed to an)-.1 F 3.017(yo)-.15 G 3.017(ft)-3.017
G(he)-3.017 E F4(libtss2-tcti-)3.017 E/F5 10/Symbol SF(*)A F4(.so)A F0
(libraries)3.017 E .576(to select the def)102 342 R .576
(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.076 E F0 3.076(,t)C(hen)-3.076 E
F4(/dev/tpm0)3.076 E F0 3.076(,t)C(hen)-3.076 E F4(localhost:2321)3.076
E F0 .575(will be tried,)3.076 F(in order)102 354 Q 1.666(\(s)4.166 G
(ee)-1.666 E F4(ESYS_CONTEXT)2.5 E F0 -.834(\(3\) \) .)B F1 .625
(See also)84 378 R F0 3.487(The tpm2-tss git repository at)102 390 R F1
(https://github)5.988 E(.com/tpm2-softwar)-.4 E(e/tpm2-tss)-.18 E F0
3.488(and the documentation at)5.988 F F1(https://tpm2-tss.r)102 402 Q
(eadthedocs.io)-.18 E F0(.)A 3.092
(The TPM 2.0 speci\214cations, mainly at)102 420 R F1
(https://trustedcomputinggr)5.591 E(oup.or)-.18 E
(g/wp-content/uploads/TPM-)-.1 E(Re)102 432 Q(v-2.0-P)-.15 E(art-1-Ar)
-.1 E(chitectur)-.18 E(e-01.38.pdf)-.18 E F0(and related pages.)2.5 E F1
1.666(SPECIAL THANKS)72 456 R F0 1.6 -.8(To a)102 468 T
(ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
.15 E F1<83>122 480 Q F0(ThePhD)2.5 E F1<83>122 492 Q F0(Embark Studios)
2.5 E F1(REPOR)72 516 Q 1.666(TING B)-.4 F(UGS)-.1 E(https://todo.sr)102
528 Q(.ht/~nabijaczleweli/tzpfms)-1 E F4
(~nabijaczleweli/tzpfms@lists.sr.ht)102 546 Q F0 2.5(,a)C(rchi)-2.5 E
-.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr)2.5 E
(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 570 R
(https://git.sr)102 582 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0
(tzpfms 0.1-6)72 750 Q(October 15, 2021)148.595 E(9)194.145 E 0 Cg EP
%%Page: 10 10
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF(ZFS-TPM2-LO)72 48 Q -.834(AD-KEY \(8\))-.35 F
(System Manager')67.569 E 2.5(sM)-.55 G 62.569(anual ZFS-TPM2-LO)-2.5 F
-.834(AD-KEY \(8\))-.35 F/F1 10/Times-Bold@0 SF -.2(NA)72 96 S(ME).2 E
/F2 10/Courier-Bold@0 SF(zfs-tpm2-load-key)102 108 Q F0 2.5<8a6c>2.5 G
(oad tzpfms TPM2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1
(SYNOPSIS)72 132 Q F2(zfs-tpm2-load-key)102 144 Q F0([)3.333 E F2<ad6e>
2.499 E F0(]).833 E/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
(DESCRIPTION)72 168 Q F0 1.118(After v)102 180 R(erifying)-.15 E F3
(dataset)3.618 E F0 -.1(wa)3.618 G 3.618(se).1 G 1.118(ncrypted with)
-3.618 F F2(tzpfms)3.618 E F0(back)3.618 E(end)-.1 E F1(TPM2)3.618 E F0
3.618(,u)C 1.118(nseals the k)-3.618 F 1.418 -.15(ey a)-.1 H 1.118
(nd loads it into).15 F F3(dataset)102 192 Q F0(.)A(See)102 210 Q/F4 10
/Courier@0 SF(zfs-tpm2-change-key)2.5 E F0
(\(8\) for a detailed description.)A F1(OPTIONS)72 234 Q F2<ad6e>103.666
246 Q F0 .179(Do a no-op/dry run, can be used e)119 258 R -.15(ve)-.25 G
2.679(ni).15 G 2.679(ft)-2.679 G .179(he k)-2.679 F .478 -.15(ey i)-.1 H
2.678(sa).15 G .178(lready loaded.)-2.678 F(Equi)5.178 E -.25(va)-.25 G
.178(lent to).25 F F2 .178(zfs load-key)2.678 F F0 -.55('s)C F2<ad6e>
4.894 E F0(option.)119 270 Q F1 1.666(TPM1.X back-end con\214guration)72
294 R .625(TPM selection)84 306 R F0(The)102 318 Q F2(tzpfms)2.767 E F0
.267(suite connects to a local)2.767 F F4(tcsd)2.767 E F0 .267
(\(8\) process)B 1.666(\(a)4.433 G(t)-1.666 E F4(localhost:30003)2.767 E
F0 4.433(\)b)1.666 G 2.767(yd)-4.433 G(ef)-2.767 E 2.767(ault. Use)-.1 F
.268(the en-)2.767 F(vironment v)102 330 Q(ariable)-.25 E F4
(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .392
(The T)102 348 R(rouSerS)-.35 E F4(tcsd)2.892 E F0 .392
(\(8\) daemon will try)B F4(/dev/tpm0)2.892 E F0 2.892(,t)C(hen)-2.892 E
F4(/udev/tpm0)2.892 E F0 2.891(,t)C(hen)-2.891 E F4(/dev/tpm)2.891 E F0
2.891(;b)C 2.891(yo)-2.891 G(ccup)-2.891 E(ying)-.1 E
(one of the earlier ones with, for e)102 360 Q
(xample, shell redirection, a later one can be selected.)-.15 E F1 .625
(See also)84 384 R F0(The T)102 396 Q(rouSerS project page at)-.35 E F1
(https://sour)2.5 E(cef)-.18 E(or)-.25 E(ge.net/pr)-.1 E(ojects/tr)-.18
E(ousers)-.18 E F0(.)A 5.108(The TPM 1.2 main speci\214cation inde)102
414 R 7.609(xa)-.15 G(t)-7.609 E F1(https://trustedcomputinggr)7.609 E
(oup.or)-.18 E(g/r)-.1 E(esour)-.18 E(ce/tpm-main-)-.18 E
(speci\214cation)102 426 Q F0(.)A F1 1.666(SPECIAL THANKS)72 450 R F0
1.6 -.8(To a)102 462 T(ll who support further de).8 E -.15(ve)-.25 G
(lopment, in particular:).15 E F1<83>122 474 Q F0(ThePhD)2.5 E F1<83>122
486 Q F0(Embark Studios)2.5 E F1(REPOR)72 510 Q 1.666(TING B)-.4 F(UGS)
-.1 E(https://todo.sr)102 522 Q(.ht/~nabijaczleweli/tzpfms)-1 E F4
(~nabijaczleweli/tzpfms@lists.sr.ht)102 540 Q F0 2.5(,a)C(rchi)-2.5 E
-.15(ve)-.25 G 2.5(da).15 G(t)-2.5 E F1(https://lists.sr)2.5 E
(.ht/~nabijaczleweli/tzpfms)-1 E F0(.)A F1 1.666(SEE ALSO)72 564 R
(https://git.sr)102 576 Q(.ht/~nabijaczleweli/tzpfms)-1 E F0
(tzpfms 0.1-6)72 750 Q(October 15, 2021)148.595 E(10)189.145 E 0 Cg EP
%%Trailer
end
%%EOF

2
zfs-tpm-list.8
View File

@ -1,7 +1,7 @@
.Dd October 15, 2021
.ds doc-volume-operating-system
.Dt ZFS-TPM-LIST 8
.Os tzpfms 0.1-5
.Os tzpfms 0.1-6
.
.Sh NAME
.Nm zfs-tpm-list

2
zfs-tpm-list.8.html
View File

@ -168,7 +168,7 @@ owo/enc TPM1.X available yes</div>
<table class="foot">
<tr>
<td class="foot-date">October 15, 2021</td>
<td class="foot-os">tzpfms 0.1-5</td>
<td class="foot-os">tzpfms 0.1-6</td>
</tr>
</table>
</body>

2
zfs-tpm1x-change-key.8
View File

@ -1,7 +1,7 @@
.Dd October 15, 2021
.ds doc-volume-operating-system
.Dt ZFS-TPM1X-CHANGE-KEY 8
.Os tzpfms 0.1-5
.Os tzpfms 0.1-6
.
.Sh NAME
.Nm zfs-tpm1x-change-key

2
zfs-tpm1x-change-key.8.html
View File

@ -163,7 +163,7 @@
<table class="foot">
<tr>
<td class="foot-date">October 15, 2021</td>
<td class="foot-os">tzpfms 0.1-5</td>
<td class="foot-os">tzpfms 0.1-6</td>
</tr>
</table>
</body>

2
zfs-tpm1x-clear-key.8
View File

@ -1,7 +1,7 @@
.Dd October 15, 2021
.ds doc-volume-operating-system
.Dt ZFS-TPM1X-CLEAR-KEY 8
.Os tzpfms 0.1-5
.Os tzpfms 0.1-6
.
.Sh NAME
.Nm zfs-tpm1x-clear-key

2
zfs-tpm1x-clear-key.8.html
View File

@ -103,7 +103,7 @@
<table class="foot">
<tr>
<td class="foot-date">October 15, 2021</td>
<td class="foot-os">tzpfms 0.1-5</td>
<td class="foot-os">tzpfms 0.1-6</td>
</tr>
</table>
</body>

2
zfs-tpm1x-load-key.8
View File

@ -1,7 +1,7 @@
.Dd October 15, 2021
.ds doc-volume-operating-system
.Dt ZFS-TPM1X-LOAD-KEY 8
.Os tzpfms 0.1-5
.Os tzpfms 0.1-6
.
.Sh NAME
.Nm zfs-tpm1x-load-key

2
zfs-tpm1x-load-key.8.html
View File

@ -104,7 +104,7 @@
<table class="foot">
<tr>
<td class="foot-date">October 15, 2021</td>
<td class="foot-os">tzpfms 0.1-5</td>
<td class="foot-os">tzpfms 0.1-6</td>
</tr>
</table>
</body>

2
zfs-tpm2-change-key.8
View File

@ -1,7 +1,7 @@
.Dd October 15, 2021
.ds doc-volume-operating-system
.Dt ZFS-TPM2-CHANGE-KEY 8
.Os tzpfms 0.1-5
.Os tzpfms 0.1-6
.
.Sh NAME
.Nm zfs-tpm2-change-key

2
zfs-tpm2-change-key.8.html
View File

@ -176,7 +176,7 @@
<table class="foot">
<tr>
<td class="foot-date">October 15, 2021</td>
<td class="foot-os">tzpfms 0.1-5</td>
<td class="foot-os">tzpfms 0.1-6</td>
</tr>
</table>
</body>

2
zfs-tpm2-clear-key.8
View File

@ -1,7 +1,7 @@
.Dd October 15, 2021
.ds doc-volume-operating-system
.Dt ZFS-TPM2-CLEAR-KEY 8
.Os tzpfms 0.1-5
.Os tzpfms 0.1-6
.
.Sh NAME
.Nm zfs-tpm2-clear-key

2
zfs-tpm2-clear-key.8.html
View File

@ -118,7 +118,7 @@
<table class="foot">
<tr>
<td class="foot-date">October 15, 2021</td>
<td class="foot-os">tzpfms 0.1-5</td>
<td class="foot-os">tzpfms 0.1-6</td>
</tr>
</table>
</body>

2
zfs-tpm2-load-key.8
View File

@ -1,7 +1,7 @@
.Dd October 15, 2021
.ds doc-volume-operating-system
.Dt ZFS-TPM2-LOAD-KEY 8
.Os tzpfms 0.1-5
.Os tzpfms 0.1-6
.
.Sh NAME
.Nm zfs-tpm2-load-key

2
zfs-tpm2-load-key.8.html
View File

@ -101,7 +101,7 @@
<table class="foot">
<tr>
<td class="foot-date">October 15, 2021</td>
<td class="foot-os">tzpfms 0.1-5</td>
<td class="foot-os">tzpfms 0.1-6</td>
</tr>
</table>
</body>