1.\" 2.\" Copyright (c) 2010 3.\" The DragonFly Project. All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in 13.\" the documentation and/or other materials provided with the 14.\" distribution. 15.\" 3. Neither the name of The DragonFly Project nor the names of its 16.\" contributors may be used to endorse or promote products derived 17.\" from this software without specific, prior written permission. 18.\" 19.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22.\" FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23.\" COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24.\" INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 25.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 26.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 29.\" OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.Dd October 22, 2010 33.Dt CRYPTTAB 5 34.Os 35.Sh NAME 36.Nm crypttab 37.Nd encrypted disk device table 38.Sh DESCRIPTION 39The 40.Nm 41file contains a list of the encrypted disk devices of the system. Each 42encrypted volume is described on a separate line; fields on each line are 43separated by tabs or spaces. 44.Pp 45The first field, 46.Pq Fa name , 47contains the name of the resultant crypto volume device, which will 48be a node in 49.Pa /dev/mapper 50with the given 51.Pa name . 52.Pp 53The second field, 54.Pq Fa device , 55is the underlying device on which the crypto volume resides and must be 56a full device path to a node in 57.Pa /dev . 58.Pp 59The third field, 60.Pq Fa keyfile , 61is either the value 62.Pa none 63or the full path on the file system to a keyfile to unlock the crypto 64volume. 65If 66.Pa none 67is specified, the system will prompt for a password during the boot 68sequence. 69.Pp 70The fourth field, 71.Pq Fa options , 72can contain a comma separated list with the following options on 73.Dx 74or can be set to 75.Pa none . 76.Bl -tag -width keyscript=/script.sh 77.It Va tries=N 78Prompt for the passphrase at most 79.Fa N 80times if the entered passphrase is incorrect. 81.It Va timeout=T 82Time out the interactive passphrase prompt after 83.Fa T 84seconds. 85.It Va keyscript=script 86Run the script pointed at by 87.Fa script 88to get the passphrase. The stdout output of the script will be used as the 89passphrase instead of showing an interactive prompt. 90.El 91.Pp 92Note that the 93.Nm 94file on 95.Dx 96currently only supports LUKS volumes and not raw 97.Xr cryptsetup 8 98volumes. 99.Sh FILES 100.Bl -tag -width ".Pa /etc/crypttab" -compact 101.It Pa /etc/crypttab 102The 103.Nm 104file resides in 105.Pa /etc . 106.El 107.Sh EXAMPLES 108The following line specifies a crypto volume without a keyfile, so 109that a password will be prompted during the boot sequence. Upon 110successful entry of the password the device 111.Pa /dev/mapper/vol1 112will be created. 113.Pp 114.Dl "vol1 /dev/da0s1b none none" 115.Pp 116The next example is as the one before but using a keyfile on 117.Pa /boot 118instead of an interactive password prompt. 119.Pp 120.Dl "vol1 /dev/da0s1b /boot/keyfile.0 none" 121.Pp 122The last example shows the use of the options. It will ask at most 2 times 123for a passphrase and time out after 10 seconds. 124.Pp 125.Dl "vol1 /dev/da0s1b none tries=2,timeout=10" 126.Sh SEE ALSO 127.Xr cryptsetup 8 128.Sh HISTORY 129The 130.Nm 131file format appeared in 132.Dx 2.9 . 133