From 7883d383d842707994b664f4d56ffbe833d3dc52 Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Thu, 18 Apr 2024 18:51:04 +0200 Subject: MANPAGE: emphasize that -reverse implies -aessiv, so you must specify it with -masterkey Fixes: https://github.com/rfjakob/gocryptfs/issues/841 --- Documentation/MANPAGE.md | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/Documentation/MANPAGE.md b/Documentation/MANPAGE.md index 8793330..8c4af3f 100644 --- a/Documentation/MANPAGE.md +++ b/Documentation/MANPAGE.md @@ -155,7 +155,10 @@ mounted using gocryptfs v1.2 and higher. Default true. #### -reverse Reverse mode shows a read-only encrypted view of a plaintext -directory. Implies "-aessiv". +directory. Implies `-aessiv`. + +If you want to mount the encrypted view using `-masterkey`, you *must* +specify `-aessiv`. #### -xchacha Use XChaCha20-Poly1305 file content encryption. This should be much faster @@ -501,10 +504,14 @@ settings have to be passed on the command line: `-aessiv` when you mount a filesystem that was created using reverse mode, or `-plaintextnames` for a filesystem that was created with that option. -Examples: +Example 1: Mount a filesystem that was created using default options: + + gocryptfs -masterkey=6f717d8b-6b5f8e8a-fd0aa206-778ec093-62c5669b-abd229cd-241e00cd-b4d6713d cipher mnt + gocryptfs -masterkey=stdin cipher mnt + +Example 2: Mount a `gocryptfs -reverse` filesystem (note that you *must* specify `-aessiv`): - -masterkey=6f717d8b-6b5f8e8a-fd0aa206-778ec093-62c5669b-abd229cd-241e00cd-b4d6713d - -masterkey=stdin + gocryptfs -masterkey=stdin -aessiv cipher mnt Applies to: all actions that ask for a password. -- cgit v1.2.3