1e4b0a90eSBrooks Davis.\" Copyright (c) 2005 Pawel Jakub Dawidek <pjd@FreeBSD.org> 2e4b0a90eSBrooks Davis.\" All rights reserved. 3e4b0a90eSBrooks Davis.\" 4e4b0a90eSBrooks Davis.\" Redistribution and use in source and binary forms, with or without 5e4b0a90eSBrooks Davis.\" modification, are permitted provided that the following conditions 6e4b0a90eSBrooks Davis.\" are met: 7e4b0a90eSBrooks Davis.\" 1. Redistributions of source code must retain the above copyright 8e4b0a90eSBrooks Davis.\" notice, this list of conditions and the following disclaimer. 9e4b0a90eSBrooks Davis.\" 2. Redistributions in binary form must reproduce the above copyright 10e4b0a90eSBrooks Davis.\" notice, this list of conditions and the following disclaimer in the 11e4b0a90eSBrooks Davis.\" documentation and/or other materials provided with the distribution. 12e4b0a90eSBrooks Davis.\" 13e4b0a90eSBrooks Davis.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 14e4b0a90eSBrooks Davis.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15e4b0a90eSBrooks Davis.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16e4b0a90eSBrooks Davis.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 17e4b0a90eSBrooks Davis.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18e4b0a90eSBrooks Davis.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19e4b0a90eSBrooks Davis.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20e4b0a90eSBrooks Davis.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21e4b0a90eSBrooks Davis.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22e4b0a90eSBrooks Davis.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23e4b0a90eSBrooks Davis.\" SUCH DAMAGE. 24e4b0a90eSBrooks Davis.\" 25e4b0a90eSBrooks Davis.Dd October 1, 2013 26e4b0a90eSBrooks Davis.Dt GSHSEC 8 27e4b0a90eSBrooks Davis.Os 28e4b0a90eSBrooks Davis.Sh NAME 29e4b0a90eSBrooks Davis.Nm gshsec 30e4b0a90eSBrooks Davis.Nd "control utility for shared secret devices" 31e4b0a90eSBrooks Davis.Sh SYNOPSIS 32e4b0a90eSBrooks Davis.Nm 33e4b0a90eSBrooks Davis.Cm label 34e4b0a90eSBrooks Davis.Op Fl hv 35e4b0a90eSBrooks Davis.Ar name 36e4b0a90eSBrooks Davis.Ar prov prov ... 37e4b0a90eSBrooks Davis.Nm 38e4b0a90eSBrooks Davis.Cm stop 39e4b0a90eSBrooks Davis.Op Fl fv 40e4b0a90eSBrooks Davis.Ar name ... 41e4b0a90eSBrooks Davis.Nm 42e4b0a90eSBrooks Davis.Cm clear 43e4b0a90eSBrooks Davis.Op Fl v 44e4b0a90eSBrooks Davis.Ar prov ... 45e4b0a90eSBrooks Davis.Nm 46e4b0a90eSBrooks Davis.Cm dump 47e4b0a90eSBrooks Davis.Ar prov ... 48e4b0a90eSBrooks Davis.Nm 49e4b0a90eSBrooks Davis.Cm list 50e4b0a90eSBrooks Davis.Nm 51e4b0a90eSBrooks Davis.Cm status 52e4b0a90eSBrooks Davis.Nm 53e4b0a90eSBrooks Davis.Cm load 54e4b0a90eSBrooks Davis.Nm 55e4b0a90eSBrooks Davis.Cm unload 56e4b0a90eSBrooks Davis.Sh DESCRIPTION 57e4b0a90eSBrooks DavisThe 58e4b0a90eSBrooks Davis.Nm 59e4b0a90eSBrooks Davisutility is used for setting up a device which contains a shared secret. 60e4b0a90eSBrooks DavisThe secret is shared between the given providers. 61e4b0a90eSBrooks DavisTo collect the secret, all providers are needed. 62e4b0a90eSBrooks DavisIf one of the components is missing, there is no way to get any useful data from 63e4b0a90eSBrooks Davisthe rest of them. 64e4b0a90eSBrooks DavisThe first argument to 65e4b0a90eSBrooks Davis.Nm 66e4b0a90eSBrooks Davisindicates an action to be performed: 67e4b0a90eSBrooks Davis.Bl -tag -width ".Cm destroy" 68e4b0a90eSBrooks Davis.It Cm label 69e4b0a90eSBrooks DavisSet up a shared secret device from the given components with the specified 70e4b0a90eSBrooks Davis.Ar name . 71e4b0a90eSBrooks DavisMetadata are stored in the last sector of every component. 72e4b0a90eSBrooks Davis.It Cm stop 73e4b0a90eSBrooks DavisTurn off an existing shared secret device by its 74e4b0a90eSBrooks Davis.Ar name . 75e4b0a90eSBrooks DavisThis command does not touch on-disk metadata! 76e4b0a90eSBrooks Davis.It Cm clear 77e4b0a90eSBrooks DavisClear metadata on the given providers. 78e4b0a90eSBrooks Davis.It Cm dump 79e4b0a90eSBrooks DavisDump metadata stored on the given providers. 80e4b0a90eSBrooks Davis.It Cm list 81e4b0a90eSBrooks DavisSee 82e4b0a90eSBrooks Davis.Xr geom 8 . 83e4b0a90eSBrooks Davis.It Cm status 84e4b0a90eSBrooks DavisSee 85e4b0a90eSBrooks Davis.Xr geom 8 . 86e4b0a90eSBrooks Davis.It Cm load 87e4b0a90eSBrooks DavisSee 88e4b0a90eSBrooks Davis.Xr geom 8 . 89e4b0a90eSBrooks Davis.It Cm unload 90e4b0a90eSBrooks DavisSee 91e4b0a90eSBrooks Davis.Xr geom 8 . 92e4b0a90eSBrooks Davis.El 93e4b0a90eSBrooks Davis.Pp 94e4b0a90eSBrooks DavisAdditional options: 95e4b0a90eSBrooks Davis.Bl -tag -width ".Fl f" 96e4b0a90eSBrooks Davis.It Fl f 97e4b0a90eSBrooks DavisForce the removal of the specified shared secret device. 98e4b0a90eSBrooks Davis.It Fl h 99e4b0a90eSBrooks DavisHardcode providers' names in metadata. 100e4b0a90eSBrooks Davis.It Fl v 101e4b0a90eSBrooks DavisBe more verbose. 102e4b0a90eSBrooks Davis.El 103e4b0a90eSBrooks Davis.Sh EXIT STATUS 104e4b0a90eSBrooks DavisExit status is 0 on success, and 1 if the command fails. 105e4b0a90eSBrooks Davis.Sh EXAMPLES 106e4b0a90eSBrooks DavisThe following example shows how to create a shared secret device. 107e4b0a90eSBrooks DavisThe secret will be split between a slice on a local disk and a USB Pen drive. 108e4b0a90eSBrooks Davis.Bd -literal -offset indent 109e4b0a90eSBrooks Davisgshsec label -v secret /dev/ada0s1 /dev/da0 110e4b0a90eSBrooks Davisnewfs /dev/shsec/secret 111e4b0a90eSBrooks Davis.Ed 112e4b0a90eSBrooks Davis.Pp 113e4b0a90eSBrooks DavisFrom now on, when the USB Pen drive is inserted, it will be automatically 114e4b0a90eSBrooks Davisdetected and connected, making the secret available via the 115e4b0a90eSBrooks Davis.Pa /dev/shsec/secret 116e4b0a90eSBrooks Davisdevice. 117e4b0a90eSBrooks Davis.Sh SEE ALSO 118e4b0a90eSBrooks Davis.Xr geom 4 , 119e4b0a90eSBrooks Davis.Xr geom 8 , 120e4b0a90eSBrooks Davis.Xr newfs 8 121e4b0a90eSBrooks Davis.Sh HISTORY 122e4b0a90eSBrooks DavisThe 123e4b0a90eSBrooks Davis.Nm 124e4b0a90eSBrooks Davisutility appeared in 125e4b0a90eSBrooks Davis.Fx 5.4 . 126e4b0a90eSBrooks Davis.Sh AUTHORS 127e4b0a90eSBrooks Davis.An Pawel Jakub Dawidek Aq Mt pjd@FreeBSD.org 128