From 7883d383d842707994b664f4d56ffbe833d3dc52 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Thu, 18 Apr 2024 18:51:04 +0200
Subject: MANPAGE: emphasize that -reverse implies -aessiv, so you must specify
 it with -masterkey

Fixes: https://github.com/rfjakob/gocryptfs/issues/841
---
 Documentation/MANPAGE.md | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/Documentation/MANPAGE.md b/Documentation/MANPAGE.md
index 8793330..8c4af3f 100644
--- a/Documentation/MANPAGE.md
+++ b/Documentation/MANPAGE.md
@@ -155,7 +155,10 @@ mounted using gocryptfs v1.2 and higher. Default true.
 
 #### -reverse
 Reverse mode shows a read-only encrypted view of a plaintext
-directory. Implies "-aessiv".
+directory. Implies `-aessiv`.
+
+If you want to mount the encrypted view using `-masterkey`, you *must*
+specify `-aessiv`.
 
 #### -xchacha
 Use XChaCha20-Poly1305 file content encryption. This should be much faster
@@ -501,10 +504,14 @@ settings have to be passed on the command line: `-aessiv` when you
 mount a filesystem that was created using reverse mode, or
 `-plaintextnames` for a filesystem that was created with that option.
 
-Examples:
+Example 1: Mount a filesystem that was created using default options:
+
+    gocryptfs -masterkey=6f717d8b-6b5f8e8a-fd0aa206-778ec093-62c5669b-abd229cd-241e00cd-b4d6713d cipher mnt
+    gocryptfs -masterkey=stdin cipher mnt
+
+Example 2: Mount a `gocryptfs -reverse` filesystem (note that you *must* specify `-aessiv`):
 
-    -masterkey=6f717d8b-6b5f8e8a-fd0aa206-778ec093-62c5669b-abd229cd-241e00cd-b4d6713d
-    -masterkey=stdin
+    gocryptfs -masterkey=stdin -aessiv cipher mnt
 
 Applies to: all actions that ask for a password.
 
-- 
cgit v1.2.3