third-party-mirrors/tzpfms
1
0
Fork 0
mirror of https://git.sr.ht/~nabijaczleweli/tzpfms synced 2025-04-13 09:37:13 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Proof zfs-tpm1x-change-key.8

Browse Source
This commit is contained in:
наб 2021-11-28 17:13:15 +01:00
parent e0b0de31b9
commit 503ac72235
No known key found for this signature in database
GPG Key ID: BCFD0B018D2658F1
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -1,4 +1,4 @@
# tzpfms [![builds.sr.ht badge](//builds.sr.ht/~nabijaczleweli/tzpfms.svg)](https://builds.sr.ht/~nabijaczleweli/tzpfms) [![Licence](//img.shields.io/badge/license-MIT-blue.svg?style=flat)](LICENSE)
# tzpfms [![builds.sr.ht badge](//builds.sr.ht/~nabijaczleweli/tzpfms.svg)](//builds.sr.ht/~nabijaczleweli/tzpfms) [![Licence](//img.shields.io/badge/license-MIT-blue.svg?style=flat)](LICENSE)
TPM-based encryption keys for ZFS datasets.
## [Manpages](//srhtcdn.githack.com/~nabijaczleweli/tzpfms/blob/man/zfs-tpm-list.8.html) ([PDF](//srhtcdn.githack.com/~nabijaczleweli/tzpfms/blob/man/tzpfms.pdf))
@ -22,7 +22,7 @@ Additionally, 1.x TPMs support PCR binding with and without passwords.
2 TPMs support PCR binding without a password and PCR binding *OR* a password both may be set, and any can be used to unseal (exclusive by default to prevent foot-guns).
Both dracut (with/without Plymouth) (with/without hostonly) (only on systemd systems, I don't have a test-bed for the non-systemd path)
and initramfs-tools (with/without Plymouth) are supported for [ZFS-on-root](https://nabijaczleweli.xyz/content/blogn_t/005-low-curse-zfs-on-root.html) set-ups.
and initramfs-tools (with/without Plymouth) are supported for [ZFS-on-root](//nabijaczleweli.xyz/content/blogn_t/005-low-curse-zfs-on-root.html) set-ups.
### Building
@ -63,7 +63,7 @@ Then the usual
sudo apt update
sudo apt install tzpfms-tpm2 tzpfms-dracut
```
will work on amd64 and i386 (x32 [still](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968256#15) doesn't have ZFS in Debian).
will work on amd64, x32, and i386.
See the [repository README](//debian.nabijaczleweli.xyz/README) for more information.

2
man/zfs-tpm1x-change-key.8.pp
View File

@ -105,7 +105,7 @@ In case of a catastrophic event, the key can be loaded by running
Bind the key to space- or comma-separated
.Ar PCR Ns s
\(em if they change, the wrapping key will not be able to be unsealed.
The minimum amount of PCRs for a PC TPM is
The minimum number of PCRs for a PC TPM is
.Sy 24 Pq numbered Sy 0 Ns .. Ns Sy 23 .
For most, this is also the maximum.
.El