From 2a9dea2973a6141e8efdf8bd26d8ddb2d2c35fc4 Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Fri, 20 Aug 2021 15:57:40 +0200 Subject: -deterministic-names: accept flag on -init And store it in gocryptfs.conf (=remove DirIV feature flag). --- Documentation/MANPAGE.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'Documentation') diff --git a/Documentation/MANPAGE.md b/Documentation/MANPAGE.md index 07f063e..ab9f872 100644 --- a/Documentation/MANPAGE.md +++ b/Documentation/MANPAGE.md @@ -103,6 +103,14 @@ Defaults are fine. Use the AES-SIV encryption mode. This is slower than GCM but is secure with deterministic nonces as used in "-reverse" mode. +#### -deterministic-names +Disable file name randomisation and creation of `gocryptfs.diriv` files. +This can prevent sync conflicts conflicts when synchronising files, but +leaks information about identical file names across directories +("Identical names leak" in https://nuetzlich.net/gocryptfs/comparison/#file-names ). + +The resulting `gocryptfs.conf` has "DirIV" missing from "FeatureFlags". + #### -devrandom Use `/dev/random` for generating the master key instead of the default Go implementation. This is especially useful on embedded systems with Go versions @@ -545,11 +553,6 @@ useful in regression testing. Applies to: all actions. -#### -zerodiriv -Create diriv as all-zero files - -Applies to: all actions without `-plaintextnames`. - #### \-\- Stop option parsing. Helpful when CIPHERDIR may start with a dash "-". -- cgit v1.2.3