third-party-mirrors/tzpfms
1
0
Fork 0
mirror of https://git.sr.ht/~nabijaczleweli/tzpfms synced 2025-04-23 09:50:28 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Manpage update by job 1159050

Browse Source
This commit is contained in:
наб autouploader 2024-02-28 18:31:49 +00:00
parent 430d673f1b
commit 5a6bb7c0cf
16 changed files with 273 additions and 273 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
tzpfms.pdf
View File

Binary file not shown.

502
tzpfms.ps
View File

@ -1,6 +1,6 @@
%!PS-Adobe-3.0
%%Creator: groff version 1.23.0
%%CreationDate: Wed Dec 20 15:42:42 2023
%%CreationDate: Wed Feb 28 18:31:49 2024
%%DocumentNeededResources: font Times-Roman
%%+ font Times-Bold
%%+ font Courier-Bold
@ -278,9 +278,9 @@ BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF 93.563(ZFS-TPM-LIST\(8\) System)72 48 R
(Manager')2.5 E 2.5(sM)-.55 G 91.062(anual ZFS-TPM-LIST\(8\))-2.5 F/F1
10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E F0
(zfs-tpm-list \212 print dataset tzpfms metadata)108 96 Q F1(SYNOPSIS)72
112.8 Q/F2 10/Courier-Bold@0 SF(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
(zfs-tpm-list)108 96 Q F0 2.5<8a70>2.5 G(rint dataset tzpfms metadata)
-2.5 E F1(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
<ad48>1.666 E F0 2.5(][)C F2<ad72>-.834 E F0(|)A F2<ad64>1.666 E/F3 10
/Courier-Oblique@0 SF(depth)6 E F0 2.5(][)C F2<ad61>-.834 E F0(|)A F2
<ad62>1.666 E F3(back-end)6 E F0 2.5(][)C F2<ad75>-.834 E F0(|)A F2
@ -343,8 +343,8 @@ F2 1.666(zfs-tpm-list \255al)6 F F4 72(NAME BACK-END)108 727.2 R 6
(KEYSTATUS COHERENT)12 F 54(filling -)108 739.2 R 6(available yes)54 F
36(tarta-zoot TPM1.X)108 751.2 R 6(available yes)24 F 12
(tarta-zoot/bkp -)108 763.2 R 6(available yes)54 F 18(tarta-zoot/vm -)
108 775.2 R 6(available yes)54 F F0(tzpfms 0.3.4-2-gbf78dcb)72 817.889 Q
(December 4, 2022)89.693 E(1)183.842 E 0 Cg EP
108 775.2 R 6(available yes)54 F F0(tzpfms 0.3.4-6-g)72 817.889 Q 86.133
(a0246cb December)-.05 F(4, 2022)2.5 E(1)183.842 E 0 Cg EP
%%Page: 2 2
%%BeginPageSetup
BP
@ -360,24 +360,23 @@ BP
E/F2 10/Courier@0 SF(\001nabijaczleweli/tzpfms@lists.sr.ht)108 189.6 Q
F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
(https://lists.sr)108 201.6 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
-.25 E(tzpfms 0.3.4-2-gbf78dcb)72 817.889 Q(December 4, 2022)89.693 E(2)
183.842 E 0 Cg EP
-.25 E(tzpfms 0.3.4-6-g)72 817.889 Q 86.133(a0246cb December)-.05 F
(4, 2022)2.5 E(2)183.842 E 0 Cg EP
%%Page: 1 3
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF 36.913(ZFS-TPM1X-CHANGE-KEY\(8\) System)72 48 R
(Manager')2.5 E 2.5(sM)-.55 G 34.412(anual ZFS-TPM1X-CHANGE-KEY\(8\))
-2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E F0
(zfs-tpm1x-change-k)108 96 Q .3 -.15(ey \212 c)-.1 H
(hange ZFS dataset k).15 E .3 -.15(ey t)-.1 H 2.5(oo).15 G
(ne stored on the TPM)-2.5 E F1(SYNOPSIS)72 112.8 Q/F2 10/Courier-Bold@0
SF(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>1.666 E/F3 10
/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>-.834 E F3
(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666 E F3(dataset)
2.5 E F1(DESCRIPTION)72 141.6 Q F0 6.867 -.8(To n)108 153.6 T 5.267
(ormalise the).8 F F3(dataset)7.767 E F0(,)A F2(zfs-tpm-list)7.766 E F0
5.266(will open its encryption root in its stead.)7.766 F F2
-2.5 F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0
SF(zfs-tpm1x-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)
-2.5 E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
-.834 E F3(PCR)6 E F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C(])-1.666 E F3
(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 6.867 -.8(To n)108 153.6 T
5.267(ormalise the).8 F F3(dataset)7.767 E F0(,)A F2(zfs-tpm-list)7.766
E F0 5.266(will open its encryption root in its stead.)7.766 F F2
(zfs-tpm-list)108 165.6 Q F0(will)2.5 E/F4 10/Times-Italic@0 SF(ne)2.5 E
(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G(ncryption roots; use)
-2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0(\(8\) for that.)A
@ -389,7 +388,7 @@ F2(tzpfms)3.176 E F0 .676(and the)3.176 F F1(TPM1.X)3.176 E F0 .676
(data will be silently cleared.)108 211.2 R .926
(Otherwise, or in case of an error)5.926 F 3.426(,d)-.4 G .926
(ata required for manual interv)-3.426 F(ention)-.15 E
(will be printed to the standard error stream.)108 223.2 Q(Ne)108 240 Q
(will be written to the standard error stream.)108 223.2 Q(Ne)108 240 Q
.294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594 -.15
(ey i)-.1 H 2.794(sg).15 G .294(enerated on the TPM, optionally back)
-2.794 F .294(ed up \(see)-.1 F F1(OPTIONS)2.794 E F0 .294
@ -470,8 +469,8 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F5
133 732 Q(xcept for a trailing ne)-.15 E(w-line, if an)-.25 E 3.8 -.65
(y. T)-.15 H(he ar).65 E(guments are:)-.18 E F5($1)143 744 Q F0
(Pre-formatted noun phrase with all the information belo)160 744 Q 1.3
-.65(w, f)-.25 H(or use as a prompt).65 E(tzpfms 0.3.4-2-gbf78dcb)72
817.889 Q(December 4, 2022)89.693 E(1)183.842 E 0 Cg EP
-.65(w, f)-.25 H(or use as a prompt).65 E(tzpfms 0.3.4-6-g)72 817.889 Q
86.128(a0246cb February)-.05 F(28, 2024)2.5 E(1)183.837 E 0 Cg EP
%%Page: 2 4
%%BeginPageSetup
BP
@ -522,78 +521,78 @@ F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
(and https://trustedcomputinggroup.or)108 451.2 Q
(g/wp-content/uploads/PC-)-.18 E(ClientSpeci\214c_Platform_Pro\214le_fo\
r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 463.2 Q
(able)-.8 E(1.)108 475.2 Q(tzpfms 0.3.4-2-gbf78dcb)72 817.889 Q
(December 4, 2022)89.693 E(2)183.842 E 0 Cg EP
(able)-.8 E(1.)108 475.2 Q(tzpfms 0.3.4-6-g)72 817.889 Q 86.128
(a0246cb February)-.05 F(28, 2024)2.5 E(2)183.837 E 0 Cg EP
%%Page: 1 5
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF 45.793(ZFS-TPM1X-CLEAR-KEY\(8\) System)72 48 R
(Manager')2.5 E 2.5(sM)-.55 G 43.292(anual ZFS-TPM1X-CLEAR-KEY\(8\))-2.5
F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E F0(zfs-tpm1x-clear)108 96
Q(-k)-.2 E .3 -.15(ey \212 r)-.1 H -.25(ew).15 G(rap ZFS dataset k).25 E
.3 -.15(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
(ord and clear tzpfms TPM1.X metadata)-.1 E F1(SYNOPSIS)72 112.8 Q/F2 10
/Courier-Bold@0 SF(zfs-tpm-list)108 124.8 Q/F3 10/Courier-Oblique@0 SF
(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q
F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
(zfs-tpm1x-clear-key)108 96 Q F0 3.008<8a72>3.007 G -.25(ew)-3.008 G
.508(rap ZFS dataset k).25 F .808 -.15(ey i)-.1 H 3.008(np).15 G(asssw)
-3.008 E .508(ord and clear tzpfms TPM1.X meta-)-.1 F(data)108 108 Q F1
(SYNOPSIS)72 124.8 Q F2(zfs-tpm-list)108 136.8 Q/F3 10/Courier-Oblique@0
SF(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0(After v)108 165.6 Q
(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G
(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM1.X)
2.5 E F0(:)A 5(1. performs)118 165.6 R 5.641(the equi)8.141 F -.25(va)
-.25 G 5.641(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.308 E
/F4 10/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E F4
(keyformat=passphrase)133 177.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
189.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
2.5 E F0(:)A 5(1. performs)118 177.6 R 5.642(the equi)8.142 F -.25(va)
-.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E
/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
(keyformat=passphrase)133 189.6 Q F3(dataset)6 E F0(,)A 5(2. remo)118
201.6 R -.15(ve)-.15 G 10.689(st).15 G(he)-10.689 E F4
(xyz.nabijaczleweli:tzpfms.)10.689 E F0({)A F4(backend)A F0(,)A F4(key)
14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
201.6 Q F0(.)A(See)108 218.4 Q F4(zfs-tpm1x-change-key)2.5 E F0
213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-tpm1x-change-key)2.5 E F0
(\(8\) for a detailed description.)A F1 1.666
(TPM1.X back-end con\214guration)72 235.2 R .625(TPM selection)87 247.2
R F0(The)108 259.2 Q F2(tzpfms)2.729 E F0 .229
(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
-2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 271.2 Q
(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
(to specify a remote TCS hostname.)2.5 E .111(The T)108 288 R(rouSerS)
-.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
300 S(ing one of the earlier ones with, for e).1 E
(TPM1.X back-end con\214guration)72 247.2 R .625(TPM selection)87 259.2
R F0(The)108 271.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
F(the)2.729 E(en)108 283.2 Q(vironment v)-.4 E(ariable)-.25 E F4
(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
(The T)108 300 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 312 S
(ing one of the earlier ones with, for e).1 E
(xample, shell redirection, a later one can be selected.)-.15 E F1 .625
(See also)87 316.8 R F0(The T)108 328.8 Q
(See also)87 328.8 R F0(The T)108 340.8 Q
(rouSerS project page at https://sourcefor)-.35 E
(ge.net/projects/trousers.)-.18 E 4.415
(The TPM 1.2 main speci\214cation inde)108 345.6 R 6.915(xa)-.15 G 6.915
(The TPM 1.2 main speci\214cation inde)108 357.6 R 6.915(xa)-.15 G 6.915
(th)-6.915 G(ttps://trustedcomputinggroup.or)-6.915 E
(g/resource/tpm-main-)-.18 E(speci\214cation.)108 357.6 Q F1 1.666
(SPECIAL THANKS)72 374.4 R F0 1.6 -.8(To a)108 386.4 T
(g/resource/tpm-main-)-.18 E(speci\214cation.)108 369.6 Q F1 1.666
(SPECIAL THANKS)72 386.4 R F0 1.6 -.8(To a)108 398.4 T
(ll who support further de).8 E -.15(ve)-.25 G(lopment, in particular:)
.15 E F1<83>128 398.4 Q F0(ThePhD)7.5 E F1<83>128 410.4 Q F0
(Embark Studios)7.5 E F1<83>128 422.4 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
F1<83>128 434.4 Q F0(EvModder)7.5 E F1(REPOR)72 451.2 Q 1.666(TING B)-.4
F(UGS)-.1 E F0(https://todo.sr)108 463.2 Q(.ht/\001nabijaczle)-.55 E
(weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 480 Q
F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
(https://lists.sr)108 492 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
E(tzpfms 0.3.4-2-gbf78dcb)72 817.889 Q(December 4, 2022)89.693 E(1)
183.842 E 0 Cg EP
.15 E F1<83>128 410.4 Q F0(ThePhD)7.5 E F1<83>128 422.4 Q F0
(Embark Studios)7.5 E F1<83>128 434.4 Q F0(Jasper Bekk)7.5 E(ers)-.1 E
F1<83>128 446.4 Q F0(EvModder)7.5 E F1(REPOR)72 463.2 Q 1.666(TING B)-.4
F(UGS)-.1 E F0(https://todo.sr)108 475.2 Q(.ht/\001nabijaczle)-.55 E
(weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 492 Q
F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
(https://lists.sr)108 504 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
E(tzpfms 0.3.4-6-g)72 817.889 Q 86.133(a0246cb December)-.05 F(4, 2022)
2.5 E(1)183.842 E 0 Cg EP
%%Page: 1 6
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF(ZFS-TPM1X-LO)72 48 Q 51.153(AD-KEY\(8\) System)
-.35 F(Manager')2.5 E 2.5(sM)-.55 G 48.652(anual ZFS-TPM1X-LO)-2.5 F
(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E F0
(zfs-tpm1x-load-k)108 96 Q .3 -.15(ey \212 l)-.1 H
(oad TPM1.X-encrypted ZFS dataset k).15 E -.15(ey)-.1 G F1(SYNOPSIS)72
112.8 Q/F2 10/Courier-Bold@0 SF(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
<ad6e>1.666 E F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
(DESCRIPTION)72 141.6 Q F0 .19(After v)108 153.6 R(erifying)-.15 E F3
(dataset)2.69 E F0 -.1(wa)2.69 G 2.69(se).1 G .19(ncrypted with)-2.69 F
F2(tzpfms)2.69 E F0(back)2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .191
(will unseal the k)2.69 F .491 -.15(ey a)-.1 H .191(nd load).15 F
(it into)108 165.6 Q F3(dataset)2.5 E F0(.)A .236
(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
/Courier-Bold@0 SF(zfs-tpm1x-load-key)108 96 Q F0 2.5<8a6c>2.5 G
(oad TPM1.X-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .191
(After v)108 153.6 R(erifying)-.15 E F3(dataset)2.691 E F0 -.1(wa)2.691
G 2.691(se).1 G .191(ncrypted with)-2.691 F F2(tzpfms)2.69 E F0(back)
2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .19(will unseal the k)2.69 F .49
-.15(ey a)-.1 H .19(nd load).15 F(it into)108 165.6 Q F3(dataset)2.5 E
F0(.)A .236
(The user is \214rst prompted for the SRK passphrase, set when taking o)
108 182.4 R .236(wnership, if not "well-kno)-.25 F .235(wn" \(all)-.25 F
108 182.4 R .236(wnership, if not "well-kno)-.25 F .236(wn" \(all)-.25 F
(zeroes\); then for the additional passphrase, set when creating the k)
108 194.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E
(as set.)-.1 E(See)108 211.2 Q/F4 10/Courier@0 SF(zfs-tpm1x-change-key)
@ -601,14 +600,14 @@ F2(tzpfms)2.69 E F0(back)2.69 E(end)-.1 E F1(TPM1.X)2.69 E F0 .191
<ad6e>109.666 240 Q F0 3.208(Do a no-op/dry run, can be used e)131 240 R
-.15(ve)-.25 G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F
3.508 -.15(ey i)-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)
8.208 E -.25(va)-.25 G 3.208(lent to).25 F F2(zfs)5.708 E(load-key)131
8.207 E -.25(va)-.25 G 3.207(lent to).25 F F2(zfs)5.707 E(load-key)131
252 Q F0 -.55('s)C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 268.8 Q
1.666(ONMENT V)-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108
280.8 Q F0 .046(By def)133 292.8 R .045(ault, passphrases are prompted \
for and read in on the standard output and input streams.)-.1 F(If)5.045
E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.595(is set and nonempty)
4.095 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
F4(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 316.8 Q
280.8 Q F0 .045(By def)133 292.8 R .045(ault, passphrases are prompted \
for and read in on the standard output and input streams.)-.1 F(If)5.046
E F4(TZPFMS_PASSPHRASE_HELPER)133 304.8 Q F0 1.596(is set and nonempty)
4.096 F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F
F4(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 316.8 Q
(vide each passphrase, instead.)-.15 E .643
(The standard output stream of the helper is tied to an anon)133 333.6 R
.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@ -621,23 +620,23 @@ F4(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 316.8 Q
381.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
(assphrase, otherwise blank)-2.5 E F4($4)143 393.6 Q F0("ag)160 393.6 Q
(ain" if it')-.05 E 2.5(st)-.55 G
(he second prompt for that passphrase, otherwise blank)-2.5 E .177
(If the helper doesn')133 410.4 R 2.677(te)-.18 G .177
(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
(he second prompt for that passphrase, otherwise blank)-2.5 E .178
(If the helper doesn')133 410.4 R 2.678(te)-.18 G .178
(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
422.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
(TPM1.X back-end con\214guration)72 439.2 R .625(TPM selection)87 451.2
R F0(The)108 463.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
F(the)2.729 E(en)108 475.2 Q(vironment v)-.4 E(ariable)-.25 E F4
(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
(The T)108 492 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 504 S
(ing one of the earlier ones with, for e).1 E
R F0(The)108 463.2 Q F2(tzpfms)2.729 E F0 .229
(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
-2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 475.2 Q
(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
(to specify a remote TCS hostname.)2.5 E .111(The T)108 492 R(rouSerS)
-.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
504 S(ing one of the earlier ones with, for e).1 E
(xample, shell redirection, a later one can be selected.)-.15 E F1 .625
(See also)87 520.8 R F0(The T)108 532.8 Q
(rouSerS project page at https://sourcefor)-.35 E
@ -652,46 +651,47 @@ F(the)2.729 E(en)108 475.2 Q(vironment v)-.4 E(ariable)-.25 E F4
F1<83>128 638.4 Q F0(EvModder)7.5 E F1(REPOR)72 655.2 Q 1.666(TING B)-.4
F(UGS)-.1 E F0(https://todo.sr)108 667.2 Q(.ht/\001nabijaczle)-.55 E
(weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 684 Q
F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
(https://lists.sr)108 696 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
E(tzpfms 0.3.4-2-gbf78dcb)72 817.889 Q(December 4, 2022)89.693 E(1)
183.842 E 0 Cg EP
E(tzpfms 0.3.4-6-g)72 817.889 Q 86.133(a0246cb December)-.05 F(4, 2022)
2.5 E(1)183.842 E 0 Cg EP
%%Page: 1 7
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF 44.133(ZFS-TPM2-CHANGE-KEY\(8\) System)72 48 R
(Manager')2.5 E 2.5(sM)-.55 G 41.632(anual ZFS-TPM2-CHANGE-KEY\(8\))-2.5
F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E F0(zfs-tpm2-change-k)108
96 Q .3 -.15(ey \212 c)-.1 H(hange ZFS dataset k).15 E .3 -.15(ey t)-.1
H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1(SYNOPSIS)72 112.8 Q/F2 10
/Courier-Bold@0 SF(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>1.666 E
/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>-.834 E
F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C
([)186 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)A F3
(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A F0(]])A F3
(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 1.677 -.8(To n)108 165.6 T
(ormalise).8 E F3(dataset)2.577 E F0(,)A F2(zfs-tpm-list)2.577 E F0 .076
(will open its encryption root in its stead.)2.576 F F2(zfs-tpm-list)
5.076 E F0(will)108 177.6 Q/F4 10/Times-Italic@0 SF(ne)2.5 E(ver)-.15 E
F0(create or destro)2.5 E 2.5(ye)-.1 G(ncryption roots; use)-2.5 E/F5 10
/Courier@0 SF(zfs-change-key)2.5 E F0(\(8\) for that.)A
(First, a connection is made to the TPM, which)108 194.4 Q F4(must)2.5 E
F0(be TPM-2.0-compatible.)2.5 E(If)108 211.2 Q F3(dataset)3.054 E F0 -.1
(wa)3.054 G 3.054(sp).1 G(re)-3.054 E .554(viously encrypted with)-.25 F
F2(tzpfms)3.055 E F0 .555(and the)3.055 F F1(TPM2)3.055 E F0 .555
(back-end w)3.055 F .555(as used, the pre)-.1 F(vious)-.25 E -.1(ke)108
223.2 S 3.06(yw)-.05 G .56(ill be freed from the TPM.)-3.06 F .56
(Otherwise, or in case of an error)5.56 F 3.059(,d)-.4 G .559
(ata required for manual interv)-3.059 F(en-)-.15 E
(tion will be printed to the standard error stream.)108 235.2 Q(Ne)108
252 Q .294(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
(zfs-tpm2-change-key)108 96 Q F0 2.5<8a63>2.5 G(hange ZFS dataset k)-2.5
E .3 -.15(ey t)-.1 H 2.5(oo).15 G(ne stored on the TPM)-2.5 E F1
(SYNOPSIS)72 112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad62>
1.666 E/F3 10/Courier-Oblique@0 SF(backup-file)6 E F0 2.5(][)C F2<ad50>
-.834 E F3(algorithm)6 E F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666
(]...)C([)186 136.8 Q F2(+)A F3(algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)
A F3(PCR)A F0 1.666(]...)C -3.332 1.666(]... [)-1.666 H F2<ad41>A F0(]])
A F3(dataset)2.5 E F1(DESCRIPTION)72 153.6 Q F0 1.676 -.8(To n)108 165.6
T(ormalise).8 E F3(dataset)2.576 E F0(,)A F2(zfs-tpm-list)2.576 E F0
.076(will open its encryption root in its stead.)2.576 F F2
(zfs-tpm-list)5.077 E F0(will)108 177.6 Q/F4 10/Times-Italic@0 SF(ne)2.5
E(ver)-.15 E F0(create or destro)2.5 E 2.5(ye)-.1 G
(ncryption roots; use)-2.5 E/F5 10/Courier@0 SF(zfs-change-key)2.5 E F0
(\(8\) for that.)A(First, a connection is made to the TPM, which)108
194.4 Q F4(must)2.5 E F0(be TPM-2.0-compatible.)2.5 E(If)108 211.2 Q F3
(dataset)3.055 E F0 -.1(wa)3.055 G 3.055(sp).1 G(re)-3.055 E .555
(viously encrypted with)-.25 F F2(tzpfms)3.055 E F0 .555(and the)3.055 F
F1(TPM2)3.055 E F0 .554(back-end w)3.054 F .554(as used, the pre)-.1 F
(vious)-.25 E -.1(ke)108 223.2 S 3.059(yw)-.05 G .559
(ill be freed from the TPM.)-3.059 F .56
(Otherwise, or in case of an error)5.56 F 3.06(,d)-.4 G .56
(ata required for manual interv)-3.06 F(en-)-.15 E
(tion will be written to the standard error stream.)108 235.2 Q(Ne)108
252 Q .295(xt, a ne)-.15 F 2.794(ww)-.25 G .294(rapping k)-2.794 F .594
-.15(ey i)-.1 H 2.794(sg).15 G .294
(enerated on the TPM, optionally back)-2.794 F .294(ed up \(see)-.1 F F1
(OPTIONS)2.794 E F0 .294(\), and sealed)B .589
(OPTIONS)2.794 E F0 .294(\), and sealed)B .588
(to a persistent object on the TPM under the o)108 264 R .589
(wner hierarch)-.25 F .588(y; if there is a passphrase set on the o)-.05
F(wner)-.25 E(hierarch)108 276 Q 1.602 -.65(y, t)-.05 H .302
(wner hierarch)-.25 F .589(y; if there is a passphrase set on the o)-.05
F(wner)-.25 E(hierarch)108 276 Q 1.603 -.65(y, t)-.05 H .302
(he user is prompted for it; the user is al).65 F -.1(wa)-.1 G .302
(ys prompted for an optional passphrase to protect).1 F
(the sealed object with.)108 288 Q(The follo)108 304.8 Q
@ -701,74 +701,74 @@ F(wner)-.25 E(hierarch)108 276 Q 1.602 -.65(y, t)-.05 H .302
(persistent-object-ID)A F0([)139 340.8 Q F2(;)A F3(algorithm)A F2(:)A F3
(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3
(algorithm)A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C
1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 357.6 Q F0 1.264
(identi\214es this dataset for w)3.764 F 1.263(ork with)-.1 F F1(TPM2)
3.763 E F0(-back-ended)A F2(tzpfms)3.763 E F0 1.263(tools \(namely)3.763
1.666(]...)-1.666 G(])-1.666 E F5(tzpfms.backend)108 357.6 Q F0 1.263
(identi\214es this dataset for w)3.763 F 1.264(ork with)-.1 F F1(TPM2)
3.764 E F0(-back-ended)A F2(tzpfms)3.764 E F0 1.264(tools \(namely)3.764
F F5(zfs-tpm2-change-key)108 369.6 Q F0(\(8\),)A F5(zfs-tpm2-load-key)
2.5 E F0(\(8\), and)A F5(zfs-tpm2-clear-key)2.5 E F0(\(8\)\).)A F5
(tzpfms.key)108 386.4 Q F0 1.508(is an inte)4.008 F 1.509
(tzpfms.key)108 386.4 Q F0 1.509(is an inte)4.009 F 1.509
(ger representing the sealed object, optionally follo)-.15 F 1.509
(wed by a semicolon and)-.25 F .823(PCR list as speci\214ed with)108
(wed by a semicolon and)-.25 F .822(PCR list as speci\214ed with)108
398.4 R F2<ad50>4.988 E F0 3.322(,n)C .822(ormalised to be)-3.322 F F2
(tpm-tools)3.322 E F0 .822(-toolchain-compatible; if needed, it can)B
.865(be passed to)108 410.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
(tpm-tools)3.322 E F0 .823(-toolchain-compatible; if needed, it can)B
.866(be passed to)108 410.4 R F2 2.532(tpm2_unseal \255c)3.366 F F5
(${tzpfms.key)6.866 E F2(%%)A F5(;)A/F6 10/Symbol SF(*)A F5(})A F0(with)
3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.366("o)
C(r)-3.366 E F2<ad70>109.666 422.4 Q F0(")6.728 E F5(pcr:${tzpfms.key)A
F2(#)A F6(*)A F5(;})A F0 .728(", as the case may be, or equi)B -.25(va)
-.25 G .727(lent, for back-up \(see).25 F F1(OPTIONS)3.227 E F0(\).)A
.447(If you ha)108 434.4 R .747 -.15(ve a s)-.2 H .447(ealed k).15 F
3.366 E F2<ad70>5.032 E F0(")6.866 E F5(str:${passphrase})A F0 3.365("o)
C(r)-3.365 E F2<ad70>109.666 422.4 Q F0(")6.727 E F5(pcr:${tzpfms.key)A
F2(#)A F6(*)A F5(;})A F0 .727(", as the case may be, or equi)B -.25(va)
-.25 G .728(lent, for back-up \(see).25 F F1(OPTIONS)3.228 E F0(\).)A
.448(If you ha)108 434.4 R .748 -.15(ve a s)-.2 H .448(ealed k).15 F
.748 -.15(ey y)-.1 H .448(ou can access with that or equi).15 F -.25(va)
-.25 G .448(lent tool and set both of these properties, it).25 F
(will funxion seamlessly)108 446.4 Q(.)-.65 E(Finally)108 463.2 Q 12.006
(,t)-.65 G 9.506(he equi)-12.006 F -.25(va)-.25 G 9.506(lent of).25 F F2
9.505(zfs change-key)12.005 F<ad6f>17.171 E F5(keylocation=prompt)15.505
E F2<ad6f>17.171 E F5(keyformat=raw)108 475.2 Q F3(dataset)6.106 E F0
.106(is performed with the ne)2.606 F 2.606(wk)-.25 G -.15(ey)-2.706 G
5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .107
(rror occurred, best ef)-2.606 F .107(fort is made)-.25 F .289(to clean\
-.25 G .447(lent tool and set both of these properties, it).25 F
(will funxion seamlessly)108 446.4 Q(.)-.65 E(Finally)108 463.2 Q 12.005
(,t)-.65 G 9.505(he equi)-12.005 F -.25(va)-.25 G 9.505(lent of).25 F F2
9.505(zfs change-key)12.005 F<ad6f>17.172 E F5(keylocation=prompt)15.506
E F2<ad6f>17.172 E F5(keyformat=raw)108 475.2 Q F3(dataset)6.107 E F0
.107(is performed with the ne)2.607 F 2.606(wk)-.25 G -.15(ey)-2.706 G
5.106(.I)-.5 G 2.606(fa)-5.106 G 2.606(ne)-2.606 G .106
(rror occurred, best ef)-2.606 F .106(fort is made)-.25 F .289(to clean\
up the persistent object and properties, or to issue a note for manual\
interv)108 487.2 R .289(ention into the stan-)-.15 F
(dard error stream.)108 499.2 Q 2.624<418c>108 516 S .124(nal v)-2.624 F
.124(eri\214cation should be made by running)-.15 F F2 1.791
(zfs-tpm2-load-key \255n)2.625 F F3(dataset)6.125 E F0 5.125(.I)C 2.625
(ft)-5.125 G .125(hat com-)-2.625 F .507(mand succeeds, all is well, b)
interv)108 487.2 R .29(ention into the stan-)-.15 F(dard error stream.)
108 499.2 Q 2.625<418c>108 516 S .125(nal v)-2.625 F .125
(eri\214cation should be made by running)-.15 F F2 1.79
(zfs-tpm2-load-key \255n)2.624 F F3(dataset)6.124 E F0 5.124(.I)C 2.624
(ft)-5.124 G .124(hat com-)-2.624 F .506(mand succeeds, all is well, b)
108 528 R .506(ut otherwise the dataset can be manually rolled back to \
a passphrase with)-.2 F F2(zfs-tpm2-clear-key)108 540 Q F3(dataset)
11.538 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
11.539 E F0(\(or)8.039 E 8.039(,i)-.4 G 8.039(ft)-8.039 G 5.539(hat f)
-8.039 F 5.539(ails to w)-.1 F(ork,)-.1 E F2 5.539(zfs change-key)8.039
F<ad6f>13.205 E F5(keyformat=passphrase)108 552 Q F3(dataset)6 E F0
F<ad6f>13.204 E F5(keyformat=passphrase)108 552 Q F3(dataset)6 E F0
(\), and you are hereby ask)A(ed to report a b)-.1 E(ug, please.)-.2 E
F2(zfs-tpm2-clear-key)108 568.8 Q F3(dataset)6.029 E F0 .029
(can be used to free the TPM persistent object and go back to us-)2.529
F(ing a passphrase.)108 580.8 Q F1(OPTIONS)72 597.6 Q F2<ad62>109.666
609.6 Q F3(backup-file)6 E F0(Sa)203 609.6 Q .352 -.15(ve a b)-.2 H .052
609.6 Q F3(backup-file)6 E F0(Sa)203 609.6 Q .353 -.15(ve a b)-.2 H .052
(ack-up of the k).15 F .352 -.15(ey t)-.1 H(o).15 E F3(backup-file)2.552
E F0 2.552(,w)C .052(hich must not e)-2.552 F .053(xist beforehand.)-.15
F .694(This back-up)203 621.6 R F4(must)3.194 E F0 .694
(be stored securely)3.194 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
(-site. In).25 F .693(case of a catastrophic e)3.194 F -.15(ve)-.25 G
E F0 2.552(,w)C .052(hich must not e)-2.552 F .052(xist beforehand.)-.15
F .693(This back-up)203 621.6 R F4(must)3.193 E F0 .694
(be stored securely)3.193 F 3.194(,o)-.65 G -.25(ff)-3.194 G 3.194
(-site. In).25 F .694(case of a catastrophic e)3.194 F -.15(ve)-.25 G
(nt,).15 E(the k)203 633.6 Q .3 -.15(ey c)-.1 H(an be loaded by running)
.15 E F2(zfs load-key)233 645.6 Q F3(dataset)6 E F5(<)6 E F3
(backup-file)6 E F2<ad50>109.666 662.4 Q F3(algorithm)6 E F2(:)A F3(PCR)
A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C([)-1.666 E F2(+)A F3(algorithm)
A F2(:)A F3(PCR)A F0([)A F2(,)A F3(PCR)A F0 1.666(]...)C 1.666(]...)
-1.666 G 1.424(Bind the k)203 674.4 R 1.724 -.15(ey t)-.1 H 3.924(os).15
G 1.424(pace- or comma-separated)-3.924 F F3(PCR)3.925 E F0 3.925(sw)C
1.425(ithin their corresponding)-3.925 F(hashing)203 686.4 Q F3
(algorithm)2.524 E F0 2.524<8a69>2.524 G 2.523(ft)-2.524 G(he)-2.523 E
-1.666 G 1.425(Bind the k)203 674.4 R 1.725 -.15(ey t)-.1 H 3.925(os).15
G 1.425(pace- or comma-separated)-3.925 F F3(PCR)3.924 E F0 3.924(sw)C
1.424(ithin their corresponding)-3.924 F(hashing)203 686.4 Q F3
(algorithm)2.523 E F0 2.523<8a69>2.523 G 2.523(ft)-2.523 G(he)-2.523 E
2.523(yc)-.15 G .023(hange, the wrapping k)-2.523 F .323 -.15(ey w)-.1 H
.023(ill not be able to be).15 F 2.5(unsealed. There)203 698.4 R(are)2.5
.024(ill not be able to be).15 F 2.5(unsealed. There)203 698.4 R(are)2.5
E F1(24)2.5 E F0(PCRs, numbered [)2.5 E F1(0)A F0(,)A F1(23)2.5 E F0(].)
A F3(algorithm)203 715.2 Q F0 2.968(may be an)5.468 F 5.468(yo)-.15 G
A F3(algorithm)203 715.2 Q F0 2.968(may be an)5.469 F 5.468(yo)-.15 G
5.468(fc)-5.468 G(ase-insensiti)-5.468 E 3.268 -.15(ve ")-.25 H F1(sha1)
.15 E F0 2.968(", ")B F1(sha256)A F0 2.969(", ")B F1(sha384)A F0(",)A(")
.15 E F0 2.968(", ")B F1(sha256)A F0 2.968(", ")B F1(sha384)A F0(",)A(")
203 727.2 Q F1(sha512)A F0 4.983(", ")B F1(sm3_256)A F0 4.983(", ")B F1
(sm3-256)A F0 4.983(", ")B F1(sha3_256)A F0 4.983(", ")B F1(sha3-256)A
F0 4.983(", ")B F1(sha3_384)A F0(",)A(")203 739.2 Q F1(sha3-384)A F0
(", ")A F1(sha3_512)A F0(", or ")A F1(sha3-512)A F0
(", and must be supported by the TPM.)A(tzpfms 0.3.4-2-gbf78dcb)72
817.889 Q(December 4, 2022)89.693 E(1)183.842 E 0 Cg EP
(", and must be supported by the TPM.)A(tzpfms 0.3.4-6-g)72 817.889 Q
86.128(a0246cb February)-.05 F(28, 2024)2.5 E(1)183.837 E 0 Cg EP
%%Page: 2 8
%%BeginPageSetup
BP
@ -776,20 +776,20 @@ BP
/F0 10/Times-Roman@0 SF 44.133(ZFS-TPM2-CHANGE-KEY\(8\) System)72 48 R
(Manager')2.5 E 2.5(sM)-.55 G 41.632(anual ZFS-TPM2-CHANGE-KEY\(8\))-2.5
F/F1 10/Courier-Bold@0 SF<ad41>109.666 84 Q F0 -.4(Wi)203 84 S(th).4 E
F1<ad50>4.588 E F0 2.922(,a)C .422(lso prompt for a passphrase.)-2.922 F
.422(This is skipped by def)5.422 F .423(ault because the)-.1 F .675
F1<ad50>4.589 E F0 2.923(,a)C .422(lso prompt for a passphrase.)-2.923 F
.422(This is skipped by def)5.422 F .422(ault because the)-.1 F .675
(passphrase is)203 96 R/F2 10/Times-Italic@0 SF(OR)3.175 E F0 .675
(ed with the PCR polic)B 3.175(y\212t)-.15 G .675(he wrapping k)-3.175 F
.975 -.15(ey c)-.1 H .675(an be unsealed).15 F F2(either)203 108 Q F0
1.389(passphraseless with the right PCRs)3.889 F F2(or)3.89 E F0 1.39
1.39(passphraseless with the right PCRs)3.89 F F2(or)3.89 E F0 1.389
(with the passphrase, and this is)3.89 F(usually not the intent.)203 120
Q/F3 10/Times-Bold@0 SF(ENVIR)72 136.8 Q 1.666(ONMENT V)-.3 F(ARIABLES)
-1.35 E/F4 10/Courier@0 SF(TZPFMS_PASSPHRASE_HELPER)108 148.8 Q F0 .046
-1.35 E/F4 10/Courier@0 SF(TZPFMS_PASSPHRASE_HELPER)108 148.8 Q F0 .045
(By def)133 160.8 R .045(ault, passphrases are prompted for and read in\
on the standard output and input streams.)-.1 F(If)5.045 E F4
(TZPFMS_PASSPHRASE_HELPER)133 172.8 Q F0 1.595(is set and nonempty)4.095
on the standard output and input streams.)-.1 F(If)5.046 E F4
(TZPFMS_PASSPHRASE_HELPER)133 172.8 Q F0 1.596(is set and nonempty)4.096
F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
(/bin/)4.096 E F1 3.262(sh \255c)B F0(to)4.096 E(pro)133 184.8 Q
(/bin/)4.095 E F1 3.261(sh \255c)B F0(to)4.095 E(pro)133 184.8 Q
(vide each passphrase, instead.)-.15 E .643
(The standard output stream of the helper is tied to an anon)133 201.6 R
.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@ -802,10 +802,10 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
249.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
(assphrase, otherwise blank)-2.5 E F4($4)143 261.6 Q F0("ag)160 261.6 Q
(ain" if it')-.05 E 2.5(st)-.55 G
(he second prompt for that passphrase, otherwise blank)-2.5 E .177
(If the helper doesn')133 278.4 R 2.677(te)-.18 G .177
(xist \(the shell e)-2.827 F .177(xits with)-.15 F F3(127)2.677 E F0
.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
(he second prompt for that passphrase, otherwise blank)-2.5 E .178
(If the helper doesn')133 278.4 R 2.678(te)-.18 G .178
(xist \(the shell e)-2.828 F .177(xits with)-.15 F F3(127)2.677 E F0
.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
290.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
G(ther reason, the prompting is aborted.)-2.5 E F3 1.666
(TPM2 back-end con\214guration)72 307.2 R(En)87 319.2 Q(vir)-.4 E .625
@ -814,13 +814,13 @@ Q 2.5(yo)-.15 G(f:)-2.5 E F3(NONE)2.5 E F0(,)A F3(ERR)2.5 E(OR)-.3 E F0
(,)A F3 -1.2(WA)2.5 G(RNING)1.2 E F0(,)A F3(INFO)2.5 E F0(,)A F3(DEB)2.5
E(UG)-.1 E F0(,)A F3(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E(ault:)-.1 E
F3 -1.2(WA)2.5 G(RNING)1.2 E F0(.)A F3 .625(TPM selection)87 348 R F0
.622(The library)108 360 R F1(libtss2-tcti-default.so)3.122 E F0 .622
(can be link)3.122 F .621(ed to an)-.1 F 3.121(yo)-.15 G 3.121(ft)-3.121
G(he)-3.121 E F4(libtss2-tcti-)3.121 E/F5 10/Symbol SF(*)A F4(.so)A F0
(li-)3.121 E .78(braries to select the def)108 372 R .78
(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.281 E F0 3.281(,t)C(hen)-3.281 E
F4(/dev/tpm0)3.281 E F0 3.281(,t)C(hen)-3.281 E F4(localhost:2321)3.281
E F0(will be tried, in order \(see)108 384 Q F4(ESYS_CONTEXT)2.5 E F0
.621(The library)108 360 R F1(libtss2-tcti-default.so)3.121 E F0 .621
(can be link)3.121 F .621(ed to an)-.1 F 3.122(yo)-.15 G 3.122(ft)-3.122
G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
(li-)3.122 E .781(braries to select the def)108 372 R .781
(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4
(/dev/tpm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4(localhost:2321)3.28 E F0
(will be tried, in order \(see)108 384 Q F4(ESYS_CONTEXT)2.5 E F0
(\(3\)\).)A F3 .625(See also)87 400.8 R F0 2.247
(The tpm2-tss git repository at https://github)108 412.8 R
(.com/tpm2-softw)-.4 E 2.247(are/tpm2-tss and the documentation at)-.1 F
@ -837,7 +837,7 @@ E F0(will be tried, in order \(see)108 384 Q F4(ESYS_CONTEXT)2.5 E F0
F3<83>128 542.4 Q F0(EvModder)7.5 E F3(REPOR)72 559.2 Q 1.666(TING B)-.4
F(UGS)-.1 E F0(https://todo.sr)108 571.2 Q(.ht/\001nabijaczle)-.55 E
(weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 588 Q
F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
(https://lists.sr)108 600 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
(PCR allocations: https://wiki.archlinux.or)108 645.6 Q(g/title/T)-.18 E
@ -845,25 +845,25 @@ E F3 1.666(SEE ALSO)72 616.8 R F4(tpm2_unseal)108 628.8 Q F0(\(1\))A
(and https://trustedcomputinggroup.or)108 657.6 Q
(g/wp-content/uploads/PC-)-.18 E(ClientSpeci\214c_Platform_Pro\214le_fo\
r_TPM_2p0_Systems_v51.pdf, Section 2.3.4 "PCR Usage", T)108 669.6 Q
(able)-.8 E(1.)108 681.6 Q(tzpfms 0.3.4-2-gbf78dcb)72 817.889 Q
(December 4, 2022)89.693 E(2)183.842 E 0 Cg EP
(able)-.8 E(1.)108 681.6 Q(tzpfms 0.3.4-6-g)72 817.889 Q 86.128
(a0246cb February)-.05 F(28, 2024)2.5 E(2)183.837 E 0 Cg EP
%%Page: 1 9
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF 53.013(ZFS-TPM2-CLEAR-KEY\(8\) System)72 48 R
(Manager')2.5 E 2.5(sM)-.55 G 50.512(anual ZFS-TPM2-CLEAR-KEY\(8\))-2.5
F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E F0(zfs-tpm2-clear)108 96
Q(-k)-.2 E .3 -.15(ey \212 r)-.1 H -.25(ew).15 G(rap ZFS dataset k).25 E
.3 -.15(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
(ord and clear tzpfms TPM2 metadata)-.1 E F1(SYNOPSIS)72 112.8 Q/F2 10
/Courier-Bold@0 SF(zfs-tpm-list)108 124.8 Q/F3 10/Courier-Oblique@0 SF
(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q
(erifying)-.15 E F3(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G
(ncrypted with)-2.5 E F2(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)
2.5 E F0(:)A 5(1. performs)118 165.6 R 5.642(the equi)8.142 F -.25(va)
-.25 G 5.642(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.307 E
/F4 10/Courier@0 SF(keylocation=prompt)11.641 E F2<ad6f>13.307 E F4
F/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10/Courier-Bold@0 SF
(zfs-tpm2-clear-key)108 96 Q F0 2.5<8a72>2.5 G -.25(ew)-2.5 G
(rap ZFS dataset k).25 E .3 -.15(ey i)-.1 H 2.5(np).15 G(asssw)-2.5 E
(ord and clear tzpfms TPM2 metadata)-.1 E F1(SYNOPSIS)72 112.8 Q F2
(zfs-tpm-list)108 124.8 Q/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
(DESCRIPTION)72 141.6 Q F0(After v)108 153.6 Q(erifying)-.15 E F3
(dataset)2.5 E F0 -.1(wa)2.5 G 2.5(se).1 G(ncrypted with)-2.5 E F2
(tzpfms)2.5 E F0(back)2.5 E(end)-.1 E F1(TPM2)2.5 E F0(:)A 5
(1. performs)118 165.6 R 5.641(the equi)8.141 F -.25(va)-.25 G 5.641
(lent of).25 F F2 5.642(zfs change-key)8.142 F<ad6f>13.308 E/F4 10
/Courier@0 SF(keylocation=prompt)11.642 E F2<ad6f>13.308 E F4
(keyformat=passphrase)133 177.6 Q F3(dataset)6 E F0(,)A 5(2. frees)118
189.6 R(the sealed k)2.5 E .3 -.15(ey p)-.1 H(re).15 E
(viously used to encrypt)-.25 E F3(dataset)2.5 E F0(,)A 5(3. remo)118
@ -872,12 +872,12 @@ Q(-k)-.2 E .3 -.15(ey \212 r)-.1 H -.25(ew).15 G(rap ZFS dataset k).25 E
14.189 E F0 10.689(}p)C 8.189(roperties from)-10.689 F F3(dataset)133
213.6 Q F0(.)A(See)108 230.4 Q F4(zfs-tpm2-change-key)2.5 E F0
(\(8\) for a detailed description.)A F1(ENVIR)72 247.2 Q 1.666(ONMENT V)
-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .046
-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 259.2 Q F0 .045
(By def)133 271.2 R .045(ault, passphrases are prompted for and read in\
on the standard output and input streams.)-.1 F(If)5.045 E F4
(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.595(is set and nonempty)4.095
on the standard output and input streams.)-.1 F(If)5.046 E F4
(TZPFMS_PASSPHRASE_HELPER)133 283.2 Q F0 1.596(is set and nonempty)4.096
F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 295.2 Q
(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 295.2 Q
(vide each passphrase, instead.)-.15 E .643
(The standard output stream of the helper is tied to an anon)133 312 R
.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@ -889,10 +889,10 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
2.5(yb)-.05 G(eing prompted for)-2.5 E F4($3)143 360 Q F0("ne)160 360 Q
(w" if this is for a ne)-.25 E 2.5(wp)-.25 G(assphrase, otherwise blank)
-2.5 E F4($4)143 372 Q F0("ag)160 372 Q(ain" if it')-.05 E 2.5(st)-.55 G
(he second prompt for that passphrase, otherwise blank)-2.5 E .177
(If the helper doesn')133 388.8 R 2.677(te)-.18 G .177
(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
(he second prompt for that passphrase, otherwise blank)-2.5 E .178
(If the helper doesn')133 388.8 R 2.678(te)-.18 G .178
(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
400.8 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
(TPM2 back-end con\214guration)72 417.6 R(En)87 429.6 Q(vir)-.4 E .625
@ -901,13 +901,13 @@ Q 2.5(yo)-.15 G(f:)-2.5 E F1(NONE)2.5 E F0(,)A F1(ERR)2.5 E(OR)-.3 E F0
(,)A F1 -1.2(WA)2.5 G(RNING)1.2 E F0(,)A F1(INFO)2.5 E F0(,)A F1(DEB)2.5
E(UG)-.1 E F0(,)A F1(TRA)2.5 E(CE)-.55 E F0 5(.D)C(ef)-5 E(ault:)-.1 E
F1 -1.2(WA)2.5 G(RNING)1.2 E F0(.)A F1 .625(TPM selection)87 458.4 R F0
.622(The library)108 470.4 R F2(libtss2-tcti-default.so)3.122 E F0 .622
(can be link)3.122 F .621(ed to an)-.1 F 3.121(yo)-.15 G 3.121(ft)-3.121
G(he)-3.121 E F4(libtss2-tcti-)3.121 E/F5 10/Symbol SF(*)A F4(.so)A F0
(li-)3.121 E .78(braries to select the def)108 482.4 R .78
(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.281 E F0 3.281(,t)C(hen)-3.281 E
F4(/dev/tpm0)3.281 E F0 3.281(,t)C(hen)-3.281 E F4(localhost:2321)3.281
E F0(will be tried, in order \(see)108 494.4 Q F4(ESYS_CONTEXT)2.5 E F0
.621(The library)108 470.4 R F2(libtss2-tcti-default.so)3.121 E F0 .621
(can be link)3.121 F .621(ed to an)-.1 F 3.122(yo)-.15 G 3.122(ft)-3.122
G(he)-3.122 E F4(libtss2-tcti-)3.122 E/F5 10/Symbol SF(*)A F4(.so)A F0
(li-)3.122 E .781(braries to select the def)108 482.4 R .781
(ault, otherwise)-.1 F F4(/dev/tpmrm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4
(/dev/tpm0)3.28 E F0 3.28(,t)C(hen)-3.28 E F4(localhost:2321)3.28 E F0
(will be tried, in order \(see)108 494.4 Q F4(ESYS_CONTEXT)2.5 E F0
(\(3\)\).)A F1 .625(See also)87 511.2 R F0 2.247
(The tpm2-tss git repository at https://github)108 523.2 R
(.com/tpm2-softw)-.4 E 2.247(are/tpm2-tss and the documentation at)-.1 F
@ -924,41 +924,41 @@ E F0(will be tried, in order \(see)108 494.4 Q F4(ESYS_CONTEXT)2.5 E F0
F1<83>128 652.8 Q F0(EvModder)7.5 E F1(REPOR)72 669.6 Q 1.666(TING B)-.4
F(UGS)-.1 E F0(https://todo.sr)108 681.6 Q(.ht/\001nabijaczle)-.55 E
(weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 698.4 Q
F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
(https://lists.sr)108 710.4 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)
-.25 E(tzpfms 0.3.4-2-gbf78dcb)72 817.889 Q(December 4, 2022)89.693 E(1)
183.842 E 0 Cg EP
-.25 E(tzpfms 0.3.4-6-g)72 817.889 Q 86.133(a0246cb December)-.05 F
(4, 2022)2.5 E(1)183.842 E 0 Cg EP
%%Page: 1 10
%%BeginPageSetup
BP
%%EndPageSetup
/F0 10/Times-Roman@0 SF(ZFS-TPM2-LO)72 48 Q 58.373(AD-KEY\(8\) System)
-.35 F(Manager')2.5 E 2.5(sM)-.55 G 55.872(anual ZFS-TPM2-LO)-2.5 F
(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E F0
(zfs-tpm2-load-k)108 96 Q .3 -.15(ey \212 l)-.1 H
(oad TPM2-encrypted ZFS dataset k).15 E -.15(ey)-.1 G F1(SYNOPSIS)72
112.8 Q/F2 10/Courier-Bold@0 SF(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2
<ad6e>1.666 E F0(])A/F3 10/Courier-Oblique@0 SF(dataset)2.5 E F1
(DESCRIPTION)72 141.6 Q F0 .865(After v)108 153.6 R(erifying)-.15 E F3
(dataset)3.365 E F0 -.1(wa)3.365 G 3.365(se).1 G .865(ncrypted with)
-3.365 F F2(tzpfms)3.365 E F0(back)3.365 E(end)-.1 E F1(TPM2)3.365 E F0
3.365(,u)C .864(nseals the k)-3.365 F 1.164 -.15(ey a)-.1 H .864
(nd loads it).15 F(into)108 165.6 Q F3(dataset)2.5 E F0(.)A(The user is\
prompted for the additional passphrase, set when creating the k)108
182.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5(fo)-2.5 G(ne w)-2.5 E(as set.)-.1
E(See)108 199.2 Q/F4 10/Courier@0 SF(zfs-tpm2-change-key)2.5 E F0
(\(8\) for a detailed description.)A F1(OPTIONS)72 216 Q F2<ad6e>109.666
228 Q F0 3.208(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25
G 5.708(ni).15 G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)
-.1 H 5.708(sa).15 G 3.208(lready loaded.)-5.708 F(Equi)8.208 E -.25(va)
-.25 G 3.208(lent to).25 F F2(zfs)5.708 E(load-key)131 240 Q F0 -.55('s)
C F2<ad6e>4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)
-.3 F(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .046
(AD-KEY\(8\))-.35 E/F1 10/Times-Bold@0 SF -.2(NA)72 84 S(ME).2 E/F2 10
/Courier-Bold@0 SF(zfs-tpm2-load-key)108 96 Q F0 2.5<8a6c>2.5 G
(oad TPM2-encrypted ZFS dataset k)-2.5 E -.15(ey)-.1 G F1(SYNOPSIS)72
112.8 Q F2(zfs-tpm-list)108 124.8 Q F0([)2.5 E F2<ad6e>1.666 E F0(])A/F3
10/Courier-Oblique@0 SF(dataset)2.5 E F1(DESCRIPTION)72 141.6 Q F0 .864
(After v)108 153.6 R(erifying)-.15 E F3(dataset)3.364 E F0 -.1(wa)3.364
G 3.364(se).1 G .864(ncrypted with)-3.364 F F2(tzpfms)3.365 E F0(back)
3.365 E(end)-.1 E F1(TPM2)3.365 E F0 3.365(,u)C .865(nseals the k)-3.365
F 1.165 -.15(ey a)-.1 H .865(nd loads it).15 F(into)108 165.6 Q F3
(dataset)2.5 E F0(.)A(The user is prompted for the additional passphras\
e, set when creating the k)108 182.4 Q -.15(ey)-.1 G 2.5(,i)-.5 G 2.5
(fo)-2.5 G(ne w)-2.5 E(as set.)-.1 E(See)108 199.2 Q/F4 10/Courier@0 SF
(zfs-tpm2-change-key)2.5 E F0(\(8\) for a detailed description.)A F1
(OPTIONS)72 216 Q F2<ad6e>109.666 228 Q F0 3.208
(Do a no-op/dry run, can be used e)131 228 R -.15(ve)-.25 G 5.708(ni).15
G 5.708(ft)-5.708 G 3.208(he k)-5.708 F 3.508 -.15(ey i)-.1 H 5.708(sa)
.15 G 3.208(lready loaded.)-5.708 F(Equi)8.207 E -.25(va)-.25 G 3.207
(lent to).25 F F2(zfs)5.707 E(load-key)131 240 Q F0 -.55('s)C F2<ad6e>
4.716 E F0(option.)2.5 E F1(ENVIR)72 256.8 Q 1.666(ONMENT V)-.3 F
(ARIABLES)-1.35 E F4(TZPFMS_PASSPHRASE_HELPER)108 268.8 Q F0 .045
(By def)133 280.8 R .045(ault, passphrases are prompted for and read in\
on the standard output and input streams.)-.1 F(If)5.045 E F4
(TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.595(is set and nonempty)4.095
on the standard output and input streams.)-.1 F(If)5.046 E F4
(TZPFMS_PASSPHRASE_HELPER)133 292.8 Q F0 1.596(is set and nonempty)4.096
F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
(/bin/)4.096 E F2 3.262(sh \255c)B F0(to)4.096 E(pro)133 304.8 Q
(/bin/)4.095 E F2 3.261(sh \255c)B F0(to)4.095 E(pro)133 304.8 Q
(vide each passphrase, instead.)-.15 E .643
(The standard output stream of the helper is tied to an anon)133 321.6 R
.643(ymous \214le and used in its entirety as)-.15 F(the passphrase, e)
@ -971,23 +971,23 @@ F 4.096(,i)-.65 G 4.096(tw)-4.096 G 1.596(ill be run via)-4.096 F F4
369.6 Q(w" if this is for a ne)-.25 E 2.5(wp)-.25 G
(assphrase, otherwise blank)-2.5 E F4($4)143 381.6 Q F0("ag)160 381.6 Q
(ain" if it')-.05 E 2.5(st)-.55 G
(he second prompt for that passphrase, otherwise blank)-2.5 E .177
(If the helper doesn')133 398.4 R 2.677(te)-.18 G .177
(xist \(the shell e)-2.827 F .177(xits with)-.15 F F1(127)2.677 E F0
.178(\), a diagnostic is issued and the normal prompt)B(is used as f)133
(he second prompt for that passphrase, otherwise blank)-2.5 E .178
(If the helper doesn')133 398.4 R 2.678(te)-.18 G .178
(xist \(the shell e)-2.828 F .177(xits with)-.15 F F1(127)2.677 E F0
.177(\), a diagnostic is issued and the normal prompt)B(is used as f)133
410.4 Q 2.5(all-back. If)-.1 F(it f)2.5 E(ails for an)-.1 E 2.5(yo)-.15
G(ther reason, the prompting is aborted.)-2.5 E F1 1.666
(TPM1.X back-end con\214guration)72 427.2 R .625(TPM selection)87 439.2
R F0(The)108 451.2 Q F2(tzpfms)2.73 E F0 .23(suite connects to a local)
2.73 F F4(tcsd)2.73 E F0 .23(\(8\) process \(at)B F4(localhost:30003)
2.729 E F0 2.729(\)b)C 2.729(yd)-2.729 G(ef)-2.729 E 2.729(ault. Use)-.1
F(the)2.729 E(en)108 463.2 Q(vironment v)-.4 E(ariable)-.25 E F4
(TZPFMS_TPM1X)2.5 E F0(to specify a remote TCS hostname.)2.5 E .11
(The T)108 480 R(rouSerS)-.35 E F4(tcsd)2.61 E F0 .11
(\(8\) daemon will try)B F4(/dev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E F4
(/udev/tpm0)2.611 E F0 2.611(,t)C(hen)-2.611 E F4(/dev/tpm)2.611 E F0
2.611(;b)C 2.611(yo)-2.611 G(ccu-)-2.611 E -.1(py)108 492 S
(ing one of the earlier ones with, for e).1 E
R F0(The)108 451.2 Q F2(tzpfms)2.729 E F0 .229
(suite connects to a local)2.729 F F4(tcsd)2.73 E F0 .23
(\(8\) process \(at)B F4(localhost:30003)2.73 E F0 2.73(\)b)C 2.73(yd)
-2.73 G(ef)-2.73 E 2.73(ault. Use)-.1 F(the)2.73 E(en)108 463.2 Q
(vironment v)-.4 E(ariable)-.25 E F4(TZPFMS_TPM1X)2.5 E F0
(to specify a remote TCS hostname.)2.5 E .111(The T)108 480 R(rouSerS)
-.35 E F4(tcsd)2.611 E F0 .111(\(8\) daemon will try)B F4(/dev/tpm0)2.61
E F0 2.61(,t)C(hen)-2.61 E F4(/udev/tpm0)2.61 E F0 2.61(,t)C(hen)-2.61 E
F4(/dev/tpm)2.61 E F0 2.61(;b)C 2.61(yo)-2.61 G(ccu-)-2.61 E -.1(py)108
492 S(ing one of the earlier ones with, for e).1 E
(xample, shell redirection, a later one can be selected.)-.15 E F1 .625
(See also)87 508.8 R F0(The T)108 520.8 Q
(rouSerS project page at https://sourcefor)-.35 E
@ -1002,10 +1002,10 @@ F(the)2.729 E(en)108 463.2 Q(vironment v)-.4 E(ariable)-.25 E F4
F1<83>128 626.4 Q F0(EvModder)7.5 E F1(REPOR)72 643.2 Q 1.666(TING B)-.4
F(UGS)-.1 E F0(https://todo.sr)108 655.2 Q(.ht/\001nabijaczle)-.55 E
(weli/tzpfms)-.25 E F4(\001nabijaczleweli/tzpfms@lists.sr.ht)108 672 Q
F0 83.762(,a)C(rchi)-83.762 E -.15(ve)-.25 G 83.763(da).15 G(t)-83.763 E
F0 83.763(,a)C(rchi)-83.763 E -.15(ve)-.25 G 83.762(da).15 G(t)-83.762 E
(https://lists.sr)108 684 Q(.ht/\001nabijaczle)-.55 E(weli/tzpfms.)-.25
E(tzpfms 0.3.4-2-gbf78dcb)72 817.889 Q(December 4, 2022)89.693 E(1)
183.842 E 0 Cg EP
E(tzpfms 0.3.4-6-g)72 817.889 Q 86.133(a0246cb December)-.05 F(4, 2022)
2.5 E(1)183.842 E 0 Cg EP
%%Trailer
end
%%EOF

2
zfs-tpm-list.8
View File

@ -3,7 +3,7 @@
.Dd December 4, 2022
.ds doc-volume-operating-system
.Dt ZFS-TPM-LIST 8
.Os tzpfms 0.3.4-2-gbf78dcb
.Os tzpfms 0.3.4-6-ga0246cb
.
.Sh NAME
.Nm zfs-tpm-list

2
zfs-tpm-list.8.html
View File

@ -166,7 +166,7 @@ tarta-zoot/vm - available yes</div>
<table class="foot">
<tr>
<td class="foot-date">December 4, 2022</td>
<td class="foot-os">tzpfms 0.3.4-2-gbf78dcb</td>
<td class="foot-os">tzpfms 0.3.4-6-ga0246cb</td>
</tr>
</table>
</body>

6
zfs-tpm1x-change-key.8
View File

@ -1,9 +1,9 @@
.\" SPDX-License-Identifier: MIT
.
.Dd December 4, 2022
.Dd February 28, 2024
.ds doc-volume-operating-system
.Dt ZFS-TPM1X-CHANGE-KEY 8
.Os tzpfms 0.3.4-2-gbf78dcb
.Os tzpfms 0.3.4-6-ga0246cb
.
.Sh NAME
.Nm zfs-tpm1x-change-key
@ -37,7 +37,7 @@ was previously encrypted with
and the
.Sy TPM1.X
back-end was used, the metadata will be silently cleared.
Otherwise, or in case of an error, data required for manual intervention will be printed to the standard error stream.
Otherwise, or in case of an error, data required for manual intervention will be written to the standard error stream.
.Pp
Next, a new wrapping key is generated on the TPM, optionally backed up
.Pq see Sx OPTIONS ,

6
zfs-tpm1x-change-key.8.html
View File

@ -49,7 +49,7 @@
<p class="Pp">If <var class="Ar">dataset</var> was previously encrypted with
<code class="Nm">tzpfms</code> and the <b class="Sy">TPM1.X</b> back-end was
used, the metadata will be silently cleared. Otherwise, or in case of an
error, data required for manual intervention will be printed to the standard
error, data required for manual intervention will be written to the standard
error stream.</p>
<p class="Pp">Next, a new wrapping key is generated on the TPM, optionally
backed up (see <a class="Sx" href="#OPTIONS">OPTIONS</a>), and sealed on the
@ -218,8 +218,8 @@
</div>
<table class="foot">
<tr>
<td class="foot-date">December 4, 2022</td>
<td class="foot-os">tzpfms 0.3.4-2-gbf78dcb</td>
<td class="foot-date">February 28, 2024</td>
<td class="foot-os">tzpfms 0.3.4-6-ga0246cb</td>
</tr>
</table>
</body>

2
zfs-tpm1x-clear-key.8
View File

@ -3,7 +3,7 @@
.Dd December 4, 2022
.ds doc-volume-operating-system
.Dt ZFS-TPM1X-CLEAR-KEY 8
.Os tzpfms 0.3.4-2-gbf78dcb
.Os tzpfms 0.3.4-6-ga0246cb
.
.Sh NAME
.Nm zfs-tpm1x-clear-key

2
zfs-tpm1x-clear-key.8.html
View File

@ -103,7 +103,7 @@
<table class="foot">
<tr>
<td class="foot-date">December 4, 2022</td>
<td class="foot-os">tzpfms 0.3.4-2-gbf78dcb</td>
<td class="foot-os">tzpfms 0.3.4-6-ga0246cb</td>
</tr>
</table>
</body>

2
zfs-tpm1x-load-key.8
View File

@ -3,7 +3,7 @@
.Dd December 4, 2022
.ds doc-volume-operating-system
.Dt ZFS-TPM1X-LOAD-KEY 8
.Os tzpfms 0.3.4-2-gbf78dcb
.Os tzpfms 0.3.4-6-ga0246cb
.
.Sh NAME
.Nm zfs-tpm1x-load-key

2
zfs-tpm1x-load-key.8.html
View File

@ -139,7 +139,7 @@
<table class="foot">
<tr>
<td class="foot-date">December 4, 2022</td>
<td class="foot-os">tzpfms 0.3.4-2-gbf78dcb</td>
<td class="foot-os">tzpfms 0.3.4-6-ga0246cb</td>
</tr>
</table>
</body>

6
zfs-tpm2-change-key.8
View File

@ -1,9 +1,9 @@
.\" SPDX-License-Identifier: MIT
.
.Dd December 4, 2022
.Dd February 28, 2024
.ds doc-volume-operating-system
.Dt ZFS-TPM2-CHANGE-KEY 8
.Os tzpfms 0.3.4-2-gbf78dcb
.Os tzpfms 0.3.4-6-ga0246cb
.
.Sh NAME
.Nm zfs-tpm2-change-key
@ -40,7 +40,7 @@ was previously encrypted with
and the
.Sy TPM2
back-end was used, the previous key will be freed from the TPM.
Otherwise, or in case of an error, data required for manual intervention will be printed to the standard error stream.
Otherwise, or in case of an error, data required for manual intervention will be written to the standard error stream.
.Pp
Next, a new wrapping key is generated on the TPM, optionally backed up
.Pq see Sx OPTIONS ,

6
zfs-tpm2-change-key.8.html
View File

@ -49,7 +49,7 @@
<p class="Pp">If <var class="Ar">dataset</var> was previously encrypted with
<code class="Nm">tzpfms</code> and the <b class="Sy">TPM2</b> back-end was
used, the previous key will be freed from the TPM. Otherwise, or in case of
an error, data required for manual intervention will be printed to the
an error, data required for manual intervention will be written to the
standard error stream.</p>
<p class="Pp">Next, a new wrapping key is generated on the TPM, optionally
backed up (see <a class="Sx" href="#OPTIONS">OPTIONS</a>), and sealed to a
@ -264,8 +264,8 @@
</div>
<table class="foot">
<tr>
<td class="foot-date">December 4, 2022</td>
<td class="foot-os">tzpfms 0.3.4-2-gbf78dcb</td>
<td class="foot-date">February 28, 2024</td>
<td class="foot-os">tzpfms 0.3.4-6-ga0246cb</td>
</tr>
</table>
</body>

2
zfs-tpm2-clear-key.8
View File

@ -3,7 +3,7 @@
.Dd December 4, 2022
.ds doc-volume-operating-system
.Dt ZFS-TPM2-CLEAR-KEY 8
.Os tzpfms 0.3.4-2-gbf78dcb
.Os tzpfms 0.3.4-6-ga0246cb
.
.Sh NAME
.Nm zfs-tpm2-clear-key

2
zfs-tpm2-clear-key.8.html
View File

@ -154,7 +154,7 @@
<table class="foot">
<tr>
<td class="foot-date">December 4, 2022</td>
<td class="foot-os">tzpfms 0.3.4-2-gbf78dcb</td>
<td class="foot-os">tzpfms 0.3.4-6-ga0246cb</td>
</tr>
</table>
</body>

2
zfs-tpm2-load-key.8
View File

@ -3,7 +3,7 @@
.Dd December 4, 2022
.ds doc-volume-operating-system
.Dt ZFS-TPM2-LOAD-KEY 8
.Os tzpfms 0.3.4-2-gbf78dcb
.Os tzpfms 0.3.4-6-ga0246cb
.
.Sh NAME
.Nm zfs-tpm2-load-key

2
zfs-tpm2-load-key.8.html
View File

@ -138,7 +138,7 @@
<table class="foot">
<tr>
<td class="foot-date">December 4, 2022</td>
<td class="foot-os">tzpfms 0.3.4-2-gbf78dcb</td>
<td class="foot-os">tzpfms 0.3.4-6-ga0246cb</td>
</tr>
</table>
</body>