summaryrefslogtreecommitdiffstats
path: root/man
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-17 08:06:26 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-17 08:06:26 +0000
commit1660d4b7a65d9ad2ce0deaa19d35579ca4084ac5 (patch)
tree6cf8220b628ebd2ccfc1375dd6516c6996e9abcc /man
parentInitial commit. (diff)
downloadcryptsetup-upstream.tar.xz
cryptsetup-upstream.zip
Adding upstream version 2:2.6.1.upstream/2%2.6.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--man/Makemodule.am145
-rw-r--r--man/common_footer.adoc17
-rw-r--r--man/common_options.adoc1195
-rw-r--r--man/cryptsetup-benchmark.8.adoc41
-rw-r--r--man/cryptsetup-bitlkDump.8.adoc34
-rw-r--r--man/cryptsetup-close.8.adoc30
-rw-r--r--man/cryptsetup-config.8.adoc30
-rw-r--r--man/cryptsetup-convert.8.adoc37
-rw-r--r--man/cryptsetup-erase.8.adoc28
-rw-r--r--man/cryptsetup-fvault2Dump.8.adoc34
-rw-r--r--man/cryptsetup-isLuks.8.adoc29
-rw-r--r--man/cryptsetup-luksAddKey.8.adoc71
-rw-r--r--man/cryptsetup-luksChangeKey.8.adoc46
-rw-r--r--man/cryptsetup-luksConvertKey.8.adoc41
-rw-r--r--man/cryptsetup-luksDump.8.adoc50
-rw-r--r--man/cryptsetup-luksFormat.8.adoc51
-rw-r--r--man/cryptsetup-luksHeaderBackup.8.adoc35
-rw-r--r--man/cryptsetup-luksHeaderRestore.8.adoc34
-rw-r--r--man/cryptsetup-luksKillSlot.8.adoc40
-rw-r--r--man/cryptsetup-luksRemoveKey.8.adoc33
-rw-r--r--man/cryptsetup-luksResume.8.adoc29
-rw-r--r--man/cryptsetup-luksSuspend.8.adoc33
-rw-r--r--man/cryptsetup-luksUUID.8.adoc25
-rw-r--r--man/cryptsetup-open.8.adoc165
-rw-r--r--man/cryptsetup-reencrypt.8.adoc175
-rw-r--r--man/cryptsetup-refresh.8.adoc53
-rw-r--r--man/cryptsetup-repair.8.adoc43
-rw-r--r--man/cryptsetup-resize.8.adoc42
-rw-r--r--man/cryptsetup-ssh.8.adoc80
-rw-r--r--man/cryptsetup-status.8.adoc24
-rw-r--r--man/cryptsetup-tcryptDump.8.adoc37
-rw-r--r--man/cryptsetup-token.8.adoc55
-rw-r--r--man/cryptsetup.8.adoc729
-rw-r--r--man/integritysetup.8.adoc334
-rw-r--r--man/veritysetup.8.adoc311
35 files changed, 4156 insertions, 0 deletions
diff --git a/man/Makemodule.am b/man/Makemodule.am
new file mode 100644
index 0000000..41e21da
--- /dev/null
+++ b/man/Makemodule.am
@@ -0,0 +1,145 @@
+ADOCFILES_COMMON = \
+ man/common_options.adoc \
+ man/common_footer.adoc
+
+ADOCFILES = $(ADOCFILES_COMMON) \
+ man/cryptsetup.8.adoc \
+ man/cryptsetup-open.8.adoc \
+ man/cryptsetup-close.8.adoc \
+ man/cryptsetup-reencrypt.8.adoc \
+ man/cryptsetup-status.8.adoc \
+ man/cryptsetup-resize.8.adoc \
+ man/cryptsetup-refresh.8.adoc \
+ man/cryptsetup-luksFormat.8.adoc \
+ man/cryptsetup-luksSuspend.8.adoc \
+ man/cryptsetup-luksResume.8.adoc \
+ man/cryptsetup-luksAddKey.8.adoc \
+ man/cryptsetup-luksRemoveKey.8.adoc \
+ man/cryptsetup-luksConvertKey.8.adoc \
+ man/cryptsetup-luksKillSlot.8.adoc \
+ man/cryptsetup-luksChangeKey.8.adoc \
+ man/cryptsetup-erase.8.adoc \
+ man/cryptsetup-luksUUID.8.adoc \
+ man/cryptsetup-isLuks.8.adoc \
+ man/cryptsetup-luksDump.8.adoc \
+ man/cryptsetup-luksHeaderBackup.8.adoc \
+ man/cryptsetup-luksHeaderRestore.8.adoc \
+ man/cryptsetup-token.8.adoc \
+ man/cryptsetup-convert.8.adoc \
+ man/cryptsetup-config.8.adoc \
+ man/cryptsetup-tcryptDump.8.adoc \
+ man/cryptsetup-bitlkDump.8.adoc \
+ man/cryptsetup-fvault2Dump.8.adoc \
+ man/cryptsetup-repair.8.adoc \
+ man/cryptsetup-benchmark.8.adoc \
+ man/cryptsetup-ssh.8.adoc \
+ man/veritysetup.8.adoc \
+ man/integritysetup.8.adoc
+
+dist_noinst_DATA += $(ADOCFILES)
+
+CRYPTSETUP_MANPAGES = \
+ man/cryptsetup.8 \
+ man/cryptsetup-open.8 \
+ man/cryptsetup-close.8 \
+ man/cryptsetup-reencrypt.8 \
+ man/cryptsetup-status.8 \
+ man/cryptsetup-resize.8 \
+ man/cryptsetup-refresh.8 \
+ man/cryptsetup-luksFormat.8 \
+ man/cryptsetup-luksSuspend.8 \
+ man/cryptsetup-luksResume.8 \
+ man/cryptsetup-luksAddKey.8 \
+ man/cryptsetup-luksRemoveKey.8 \
+ man/cryptsetup-luksConvertKey.8 \
+ man/cryptsetup-luksKillSlot.8 \
+ man/cryptsetup-luksChangeKey.8 \
+ man/cryptsetup-erase.8 \
+ man/cryptsetup-luksUUID.8 \
+ man/cryptsetup-isLuks.8 \
+ man/cryptsetup-luksDump.8 \
+ man/cryptsetup-luksHeaderBackup.8 \
+ man/cryptsetup-luksHeaderRestore.8 \
+ man/cryptsetup-token.8 \
+ man/cryptsetup-convert.8 \
+ man/cryptsetup-config.8 \
+ man/cryptsetup-tcryptDump.8 \
+ man/cryptsetup-bitlkDump.8 \
+ man/cryptsetup-fvault2Dump.8 \
+ man/cryptsetup-repair.8 \
+ man/cryptsetup-benchmark.8
+
+CRYPTSETUP_MANLINKS = \
+ man/cryptsetup-create.8 \
+ man/cryptsetup-plainOpen.8 \
+ man/cryptsetup-luksOpen.8 \
+ man/cryptsetup-loopaesOpen.8 \
+ man/cryptsetup-tcryptOpen.8 \
+ man/cryptsetup-bitlkOpen.8 \
+ man/cryptsetup-fvault2Open.8 \
+ man/cryptsetup-luksErase.8
+
+VERITYSETUP_MANPAGES = man/veritysetup.8
+INTEGRITYSETUP_MANPAGES = man/integritysetup.8
+SSHPLUGIN_MANPAGES = man/cryptsetup-ssh.8
+
+MANPAGES_ALL = \
+ $(CRYPTSETUP_MANPAGES) \
+ $(CRYPTSETUP_MANLINKS) \
+ $(VERITYSETUP_MANPAGES) \
+ $(INTEGRITYSETUP_MANPAGES) \
+ $(SSHPLUGIN_MANPAGES)
+
+MANPAGES =
+MANLINKS =
+
+if CRYPTSETUP
+MANPAGES += $(CRYPTSETUP_MANPAGES)
+MANLINKS += $(CRYPTSETUP_MANLINKS)
+endif
+if VERITYSETUP
+MANPAGES += $(VERITYSETUP_MANPAGES)
+endif
+if INTEGRITYSETUP
+MANPAGES += $(INTEGRITYSETUP_MANPAGES)
+endif
+if SSHPLUGIN_TOKEN
+MANPAGES += $(SSHPLUGIN_MANPAGES)
+endif
+
+if ENABLE_ASCIIDOC
+EXTRA_DIST += $(MANPAGES_ALL)
+man8_MANS += $(MANPAGES) $(MANLINKS)
+
+$(MANPAGES): $(ADOCFILES_COMMON)
+
+SUFFIXES = .8.adoc .8
+.8.adoc.8:
+ $(AM_V_GEN) $(ASCIIDOCTOR) -b manpage \
+ -a 'release-version=$(VERSION)' \
+ --base-dir=$(abs_srcdir) \
+ --destination-dir $(abs_builddir)/man $<
+
+$(MANLINKS): $(MANPAGES)
+gen-man: $(man8_MANS)
+
+gen-man-dist:
+ @list=`find -name *.adoc -not -path "*/man/common_*" | sed -e 's/\.adoc//g'`; \
+ missing=`for p in $$list; do test -f $$p || echo $$p; done`; \
+ if test -n "$$missing"; then \
+ $(MAKE) $(AM_MAKEFLAGS) $$missing; \
+ fi;
+
+# !ENABLE_ASCIIDOC
+else
+
+if HAVE_MANPAGES
+EXTRA_DIST += $(MANPAGES_ALL)
+man8_MANS += $(MANPAGES) $(MANLINKS)
+endif
+
+gen-man:
+gen-man-dist:
+endif
+
+dist-hook: gen-man-dist
diff --git a/man/common_footer.adoc b/man/common_footer.adoc
new file mode 100644
index 0000000..21302eb
--- /dev/null
+++ b/man/common_footer.adoc
@@ -0,0 +1,17 @@
+
+== REPORTING BUGS
+
+Report bugs at mailto:cryptsetup@lists.linux.dev[*cryptsetup mailing list*]
+or in https://gitlab.com/cryptsetup/cryptsetup/-/issues/new[*Issues project section*].
+
+Please attach output of the failed command with --debug option added.
+
+== SEE ALSO
+
+https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions[*Cryptsetup FAQ*]
+
+*cryptsetup*(8), *integritysetup*(8) and *veritysetup*(8)
+
+== CRYPTSETUP
+
+Part of https://gitlab.com/cryptsetup/cryptsetup/[*cryptsetup project*].
diff --git a/man/common_options.adoc b/man/common_options.adoc
new file mode 100644
index 0000000..56a6e29
--- /dev/null
+++ b/man/common_options.adoc
@@ -0,0 +1,1195 @@
+== OPTIONS
+
+ifdef::ACTION_REENCRYPT[]
+*--block-size* _value_ *(LUKS1 only)*::
+Use re-encryption block size of _value_ in MiB.
++
+Values can be between 1 and 64 MiB.
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--use-directio (LUKS1 only)*::
+Use direct-io (O_DIRECT) for all read/write data operations related
+to block device undergoing reencryption.
++
+Useful if direct-io operations perform better than normal buffered
+operations (e.g. in virtual environments).
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--use-fsync (LUKS1 only)*::
+Use fsync call after every written block. This applies for reencryption
+log files as well.
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--write-log (LUKS1 only)*::
+Update log file after every block write. This can slow down reencryption
+but will minimize data loss in the case of system crash.
+endif::[]
+
+ifdef::ACTION_ISLUKS[]
+*--verbose, -v*::
+Print more information on command execution.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSFORMAT,ACTION_LUKSRESUME,ACTION_LUKSADDKEY,ACTION_LUKSREMOVEKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSKILLSLOT,ACTION_ISLUKS,ACTION_LUKSDUMP,ACTION_LUKSUUID,ACTION_CONVERT,ACTION_REPAIR,ACTION_REENCRYPT[]
+*--type <device-type>*::
+ifndef::ACTION_REENCRYPT[]
+Specifies required device type, for more info read _BASIC ACTIONS_ section in *cryptsetup*(8).
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+Specifies required (encryption mode) or expected (other modes) LUKS format. Accepts only _luks1_ or _luks2_.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_TCRYPTDUMP,ACTION_BENCHMARK,ACTION_REENCRYPT[]
+*--hash, -h* _<hash-spec>_::
+ifdef::ACTION_OPEN,ACTION_TCRYPTDUMP[]
+Specifies the passphrase hash. Applies to _plain_ and _loopaes_ device types only.
++
+For _tcrypt_ device type, it restricts checked PBKDF2 variants when looking for header.
+endif::[]
+ifdef::ACTION_LUKSFORMAT[]
+Specifies the hash used in the LUKS key setup scheme and volume key
+digest.
+endif::[]
+ifndef::ACTION_REENCRYPT,ACTION_OPEN,ACTION_TCRYPTDUMP[]
+The specified hash is used for PBKDF2 and AF splitter.
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+*LUKS1:*
+Specifies the hash used in the LUKS1 key setup scheme and volume key digest.
++
+*NOTE*: if this parameter is not specified, default hash algorithm is always used
+for new LUKS1 device header.
++
+*LUKS2:* Ignored unless new keyslot pbkdf algorithm is set to PBKDF2 (see --pbkdf).
+endif::[]
++
+ifdef::ACTION_LUKSFORMAT[]
+The hash algorithm must provide at least 160 bits of output.
+Do not use a non-crypto hash like *xxhash* as this breaks security.
+Use _cryptsetup --help_ to show the defaults.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSFORMAT,ACTION_REENCRYPT,ACTION_TCRYPTDUMP,ACTION_BENCHMARK[]
+*--cipher, -c* _<cipher-spec>_::
+ifdef::ACTION_OPEN,ACTION_TCRYPTDUMP[]
+Set the cipher specification string for _plain_ device type.
++
+For _tcrypt_ device type it restricts checked cipher chains when looking for header.
+endif::[]
+ifndef::ACTION_REENCRYPT,ACTION_OPEN,ACTION_TCRYPTDUMP[]
+Set the cipher specification string.
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+*LUKS2*:
+Set the cipher specification string for data segment only.
++
+*LUKS1*:
+Set the cipher specification string for data segment and keyslots.
++
+*NOTE*: In encrypt mode, if cipher specification is omitted the default cipher is applied.
+In reencrypt mode, if no new cipher specification is requested, the existing cipher will remain
+in use. Unless the existing cipher was "cipher_null". In that case default cipher would
+be applied as in encrypt mode.
+endif::[]
+ifdef::ACTION_OPEN,ACTION_LUKSFORMAT,ACTION_REENCRYPT[]
++
+_cryptsetup --help_ shows the compiled-in defaults.
++
+If a hash is part of the cipher specification, then it is used as part
+of the IV generation. For example, ESSIV needs a hash function, while
+"plain64" does not and hence none is specified.
++
+For XTS mode you can optionally set a key size of 512 bits with the -s
+option. Key size for XTS mode is twice that for other modes for the same
+security level.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE,ACTION_LUKSFORMAT,ACTION_LUKSRESUME,ACTION_LUKSADDKEY,ACTION_LUKSREMOVEKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_LUKSKILLSLOT,ACTION_REPAIR,ACTION_TCRYPTDUMP,ACTION_REENCRYPT[]
+*--verify-passphrase, -y*::
+When interactively asking for a passphrase, ask for it twice and
+complain if both inputs do not match.
+ifdef::ACTION_OPEN[]
+Advised when creating a _plain_ type mapping for the first time.
+endif::[]
+Ignored on input from file or stdin.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE,ACTION_LUKSFORMAT,ACTION_LUKSRESUME,ACTION_LUKSADDKEY,ACTION_LUKSREMOVEKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_LUKSKILLSLOT,ACTION_LUKSDUMP,ACTION_TCRYPTDUMP,ACTION_REENCRYPT,ACTION_REPAIR,ACTION_BITLKDUMP[]
+*--key-file, -d* _name_::
+Read the passphrase from file.
++
+If the name given is "-", then the passphrase will be read from stdin.
+In this case, reading will not stop at newline characters.
++
+ifdef::ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY[]
+The passphrase supplied via --key-file is always the passphrase for existing
+keyslot requested by the command.
++
+If you want to set a new passphrase via key file, you have to use a
+positional argument or parameter --new-keyfile.
++
+endif::[]
+ifdef::ACTION_OPEN[]
+*NOTE:* With _plain_ device type, the passphrase obtained via --key-file option is
+passed directly in dm-crypt. Unlike the interactive mode (stdin)
+where digest (--hash option) of the passphrase is passed in dm-crypt instead.
++
+endif::[]
+ifndef::ACTION_REENCRYPT[]
+See section _NOTES ON PASSPHRASE PROCESSING_ in *cryptsetup*(8) for more information.
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+*WARNING:* --key-file option can be used only if there is only one active keyslot,
+or alternatively, also if --key-slot option is specified (then all other keyslots
+will be disabled in new LUKS device).
++
+If this option is not used, cryptsetup will ask for all active keyslot
+passphrases.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE,ACTION_LUKSFORMAT,ACTION_LUKSRESUME,ACTION_LUKSADDKEY,ACTION_LUKSREMOVEKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_LUKSKILLSLOT,ACTION_LUKSDUMP,ACTION_REENCRYPT,ACTION_REPAIR,ACTION_BITLKDUMP[]
+*--keyfile-offset* _value_::
+Skip _value_ bytes at the beginning of the key file.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE,ACTION_LUKSFORMAT,ACTION_LUKSRESUME,ACTION_LUKSADDKEY,ACTION_LUKSREMOVEKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_LUKSKILLSLOT,ACTION_LUKSDUMP,ACTION_REENCRYPT,ACTION_REPAIR,ACTION_BITLKDUMP[]
+*--keyfile-size, -l* _value_::
+Read a maximum of _value_ bytes from the key file. The default is to
+read the whole file up to the compiled-in maximum that can be queried
+with --help. Supplying more data than the compiled-in maximum aborts
+the operation.
++
+This option is useful to cut trailing newlines, for example. If
+--keyfile-offset is also given, the size count starts after the offset.
+endif::[]
+
+ifdef::ACTION_LUKSADDKEY[]
+*--new-keyfile* _name_::
+Read the passphrase for a new keyslot from file.
++
+If the name given is "-", then the passphrase will be read from stdin.
+In this case, reading will not stop at newline characters.
++
+This is alternative method to positional argument when adding new
+passphrase via kefile.
+endif::[]
+
+ifdef::ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY[]
+*--new-keyfile-offset* _value_::
+Skip _value_ bytes at the start when adding a new passphrase from key
+file.
+endif::[]
+
+ifdef::ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY[]
+*--new-keyfile-size* _value_::
+Read a maximum of _value_ bytes when adding a new passphrase from key
+file. The default is to read the whole file up to
+the compiled-in maximum length that can be queried with --help.
+Supplying more than the compiled in maximum aborts the operation. When
+--new-keyfile-offset is also given, reading starts after the offset.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSDUMP,ACTION_BITLKDUMP,ACTION_REENCRYPT[]
+*--volume-key-file, --master-key-file (OBSOLETE alias)*::
+ifndef::ACTION_REENCRYPT[]
+Use a volume key stored in a file.
+endif::[]
+ifdef::ACTION_FORMAT[]
++
+This allows creating a LUKS header with this specific
+volume key. If the volume key was taken from an existing LUKS header and
+all other parameters are the same, then the new header decrypts the data
+encrypted with the header the volume key was taken from. +
+endif::[]
+ifdef::ACTION_LUKSDUMP,ACTION_BITLKDUMP[]
+The volume key is stored in a file instead of being printed out to standard output. +
+endif::[]
+ifdef::ACTION_LUKSADDKEY[]
+This allows adding a new keyslot without having to know passphrase to existing one.
+It may be also used when no keyslot is active.
++
+endif::[]
+ifdef::ACTION_OPEN[]
+This allows one to open _luks_ and _bitlk_ device types without giving a passphrase. +
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+Use (set) new volume key stored in a file. +
+endif::[]
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_REENCRYPT[]
+*WARNING:* If you create your own volume key, you need to make sure to
+do it right. Otherwise, you can end up with a low-entropy or otherwise
+partially predictable volume key which will compromise security.
+endif::[]
+endif::[]
+
+ifdef::ACTION_LUKSDUMP[]
+*--dump-json-metadata*::
+For _luksDump_ (LUKS2 only) this option prints content of LUKS2 header
+JSON metadata area.
+endif::[]
+
+ifdef::ACTION_LUKSDUMP,ACTION_TCRYPTDUMP,ACTION_BITLKDUMP[]
+*--dump-volume-key, --dump-master-key (OBSOLETE alias)*::
+Print the volume key in the displayed information. Use with care,
+as the volume key can be used to bypass
+the passphrases, see also option --volume-key-file.
+endif::[]
+
+ifdef::ACTION_TOKEN[]
+*--json-file*::
+Read token JSON from a file or write token to it. --json-file=- reads JSON from
+standard input or writes it to standard output respectively.
+endif::[]
+
+ifdef::ACTION_TOKEN[]
+*--token-replace*::
+Replace an existing token when adding or importing a token with the
+--token-id option.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_REENCRYPT[]
+*--use-random*::
+*--use-urandom*::
+ifdef::ACTION_REENCRYPT[]
+Define which kernel random number generator will be used to create the volume key.
+endif::[]
+ifndef::ACTION_REENCRYPT[]
+For _luksFormat_ these options define which kernel random number
+generator will be used to create the volume key (which is a long-term
+key).
++
+See *NOTES ON RANDOM NUMBER GENERATORS* in *cryptsetup*(8) for more
+information. Use _cryptsetup --help_ to show the compiled-in default random
+number generator.
++
+*WARNING:* In a low-entropy situation (e.g. in an embedded system) and older
+kernels, both selections are problematic. Using /dev/urandom can lead to weak keys.
+Using /dev/random can block a long time, potentially forever, if not
+enough entropy can be harvested by the kernel.
+endif::[]
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--keep-key*::
+*LUKS2*:
+Do not change effective volume key and change other parameters provided
+it is requested.
++
+*LUKS1*:
+Reencrypt only the LUKS1 header and keyslots. Skips data in-place reencryption.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE,ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_LUKSDUMP,ACTION_LUKSRESUME,ACTION_TOKEN,ACTION_CONFIG,ACTION_TOKEN,ACTION_REPAIR,ACTION_REENCRYPT[]
+*--key-slot, -S <0-N>*::
+ifdef::ACTION_LUKSADDKEY[]
+When used together with parameter --new-key-slot this option allows you to specify which
+key slot is selected for unlocking volume key.
++
+*NOTE:* This option is ignored if existing volume key gets unlocked
+via LUKS2 token (--token-id, --token-type or --token-only parameters) or
+when volume key is provided directly via --volume-key-file parameter.
++
+*NOTE:* To maintain backward compatibility, without --new-key-slot parameter,
+this option allows you to specify which key slot is selected for the new key.
+endif::[]
+ifndef::ACTION_OPEN,ACTION_LUKSADDKEY[]
+For LUKS operations that add key material, this option allows you to
+specify which key slot is selected for the new key.
+endif::[]
+ifdef::ACTION_OPEN[]
+This option selects a specific key-slot to
+compare the passphrase against. If the given passphrase would only
+match a different key-slot, the operation fails.
+endif::[]
++
+ifdef::ACTION_REENCRYPT[]
+For reencryption mode it selects specific keyslot (and passphrase) that can be used to unlock new volume key.
+If used all other keyslots get removed after reencryption operation is finished.
++
+endif::[]
+The maximum number of key slots depends on the LUKS version. LUKS1 can have up
+to 8 key slots. LUKS2 can have up to 32 key slots based on key slot area
+size and key size, but a valid key slot ID can always be between 0 and
+31 for LUKS2.
+endif::[]
+
+ifdef::ACTION_LUKSADDKEY[]
+*--new-key-slot <0-N>*::
+This option allows you to specify which key slot is selected for
+the new key.
++
+*NOTE:* When used this option affects --key-slot option.
++
+The maximum number of key slots depends on the LUKS version. LUKS1 can have up
+to 8 key slots. LUKS2 can have up to 32 key slots based on key slot area
+size and key size, but a valid key slot ID can always be between 0 and
+31 for LUKS2.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSFORMAT,ACTION_REENCRYPT,ACTION_BENCHMARK,ACTION_LUKSADDKEY[]
+*--key-size, -s* _bits_::
+ifndef::ACTION_LUKSADDKEY[]
+Sets key size in _bits_. The argument has to be a multiple of 8. The
+possible key-sizes are limited by the cipher and mode used.
++
+See /proc/crypto for more information. Note that key-size in
+/proc/crypto is stated in bytes.
++
+endif::[]
+ifdef::ACTION_LUKSADDKEY[]
+Provide volume key size in _bits_. The argument has to be a multiple of 8.
++
+This option is required when parameter --volume-key-file is used to provide
+current volume key. Also, it is used when new unbound keyslot is created by
+specifying --unbound parameter.
+endif::[]
+ifdef::ACTION_OPEN[]
+This option can be used for _plain_ device type only.
+endif::[]
+ifndef::ACTION_REENCRYPT,ACTION_OPEN,ACTION_LUKSADDKEY[]
+This option can be used for _open --type plain_ or _luksFormat_. All
+other LUKS actions will use the key-size specified in the LUKS header.
+Use _cryptsetup --help_ to show the compiled-in defaults.
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+*LUKS1*:
+If you are increasing key size, there must be enough space in the LUKS header
+for enlarged keyslots (data offset must be large enough) or reencryption
+cannot be performed.
++
+If there is not enough space for keyslots with new key size,
+you can destructively shrink device with --reduce-device-size option.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE[]
+*--size, -b <number of 512 byte sectors>*::
+Set the size of the device in sectors of 512 bytes.
+ifdef::ACTION_OPEN[]
+Usable only with _plain_ device type.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSFORMAT,ACTION_REENCRYPT[]
+*--offset, -o <number of 512 byte sectors>*::
+Start offset in the backend device in 512-byte sectors.
+ifdef::ACTION_OPEN[]
+This option is only relevant with plain or loopaes device types.
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+This option is only relevant for the encrypt mode.
+endif::[]
++
+ifndef::ACTION_OPEN[]
+The --offset option sets the data offset (payload) of data
+device and must be aligned to 4096-byte sectors (must be multiple of
+8). This option cannot be combined with --align-payload option.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN[]
+*--skip, -p <number of 512 byte sectors>*::
+Start offset used in IV calculation in 512-byte sectors (how many
+sectors of the encrypted data to skip at the beginning). This option
+is only relevant with plain or loopaes device types.
++
+Hence, if --offset _n_, and --skip _s_, sector _n_ (the first sector of
+the encrypted device) will get a sector number of _s_ for the IV
+calculation.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_REENCRYPT,ACTION_RESIZE[]
+*--device-size* _size[units]_::
+ifndef::ACTION_RESIZE[]
+Instead of real device size, use specified value.
+endif::[]
+ifdef::ACTION_RESIZE[]
+Sets new size of the device. If unset real device size is used.
+endif::[]
+ifdef::ACTION_OPEN[]
+Usable only with _plain_ device type.
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+It means that only specified area (from the start of the device
+to the specified size) will be reencrypted.
++
+*WARNING:* This is destructive operation. Data beyond --device-size limit may
+be lost after operation gets finished.
+endif::[]
++
+If no unit suffix is specified, the size is in bytes.
++
+Unit suffix can be S for 512 byte sectors, K/M/G/T (or KiB,MiB,GiB,TiB)
+for units with 1024 base or KB/MB/GB/TB for 1000 base (SI scale).
+endif::[]
+
+ifdef::ACTION_OPEN[]
+*--readonly, -r*::
+set up a read-only mapping.
+endif::[]
+
+ifdef::ACTION_OPEN[]
+*--shared*::
+Creates an additional mapping for one common ciphertext device.
+Arbitrary mappings are supported. This option is only relevant for the
+_plain_ device type. Use --offset, --size and --skip to specify
+the mapped area.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_REENCRYPT,ACTION_BENCHMARK[]
+*--pbkdf <PBKDF spec>*::
+Set Password-Based Key Derivation Function (PBKDF) algorithm for LUKS
+keyslot. The PBKDF can be: _pbkdf2_ (for PBKDF2 according to RFC2898),
+_argon2i_ for Argon2i or _argon2id_ for Argon2id (see
+https://www.cryptolux.org/index.php/Argon2[Argon2] for more info).
++
+For LUKS1, only PBKDF2 is accepted (no need to use this option). The
+default PBKDF for LUKS2 is set during compilation time and is available
+in _cryptsetup --help_ output.
++
+A PBKDF is used for increasing dictionary and brute-force attack cost
+for keyslot passwords. The parameters can be time, memory and parallel
+cost.
++
+For PBKDF2, only time cost (number of iterations) applies. For
+Argon2i/id, there is also memory cost (memory required during the
+process of key derivation) and parallel cost (number of threads that run
+in parallel during the key derivation.
++
+Note that increasing memory cost also increases time, so the final
+parameter values are measured by a benchmark. The benchmark tries to
+find iteration time (_--iter-time_) with required memory cost
+_--pbkdf-memory_. If it is not possible, the memory cost is decreased as
+well. The parallel cost _--pbkdf-parallel_ is constant and is checked
+against available CPU cores.
++
+You can see all PBKDF parameters for particular LUKS2 keyslot with
+*cryptsetup-luksDump*(8) command.
++
+*NOTE:* If you do not want to use benchmark and want to specify all
+parameters directly, use _--pbkdf-force-iterations_ with
+_--pbkdf-memory_ and _--pbkdf-parallel_. This will override the values
+without benchmarking. Note it can cause extremely long unlocking time.
+Use only in specific cases, for example, if you know that the formatted
+device will be used on some small embedded system.
++
+*MINIMAL AND MAXIMAL PBKDF COSTS:* For *PBKDF2*, the minimum iteration
+count is 1000 and maximum is 4294967295 (maximum for 32bit unsigned
+integer). Memory and parallel costs are unused for PBKDF2. For *Argon2i*
+and *Argon2id*, minimum iteration count (CPU cost) is 4 and maximum is
+4294967295 (maximum for 32bit unsigned integer). Minimum memory cost is
+32 KiB and maximum is 4 GiB. (Limited by addressable memory on some CPU
+platforms.) If the memory cost parameter is benchmarked (not specified
+by a parameter) it is always in range from 64 MiB to 1 GiB. The parallel
+cost minimum is 1 and maximum 4 (if enough CPUs cores are available,
+otherwise it is decreased).
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_REENCRYPT,ACTION_BENCHMARK[]
+*--iter-time, -i <number of milliseconds>*::
+ifndef::ACTION_REENCRYPT[]
+The number of milliseconds to spend with PBKDF passphrase processing.
+Specifying 0 as parameter selects the compiled-in default.
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+The number of milliseconds to spend with PBKDF passphrase processing for the
+new LUKS header.
+endif::[]
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_REENCRYPT,ACTION_BENCHMARK[]
+*--pbkdf-memory <number>*::
+Set the memory cost for PBKDF (for Argon2i/id the number represents
+kilobytes). Note that it is maximal value, PBKDF benchmark or
+available physical memory can decrease it. This option is not
+available for PBKDF2.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_REENCRYPT,ACTION_BENCHMARK[]
+*--pbkdf-parallel <number>*::
+Set the parallel cost for PBKDF (number of threads, up to 4). Note
+that it is maximal value, it is decreased automatically if CPU online
+count is lower. This option is not available for PBKDF2.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_REENCRYPT[]
+*--pbkdf-force-iterations <num>*::
+Avoid PBKDF benchmark and set time cost (iterations) directly. It can
+be used for LUKS/LUKS2 device only. See _--pbkdf_ option for more
+info.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_REENCRYPT[]
+*--progress-frequency* _seconds_::
+ifndef::ACTION_REENCRYPT[]
+Print separate line every _seconds_ with wipe progress.
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+Print separate line every _seconds_ with reencryption progress.
+endif::[]
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_REENCRYPT[]
+*--progress-json*::
+Prints progress data in JSON format suitable mostly for machine
+processing. It prints separate line every half second (or based on
+_--progress-frequency_ value). The JSON output looks as follows during
+progress (except it's compact single line):
++
+....
+{
+ "device":"/dev/sda" // backing device or file
+ "device_bytes":"8192", // bytes of I/O so far
+ "device_size":"44040192", // total bytes of I/O to go
+ "speed":"126877696", // calculated speed in bytes per second (based on progress so far)
+ "eta_ms":"2520012" // estimated time to finish an operation in milliseconds
+ "time_ms":"5561235" // total time spent in IO operation in milliseconds
+}
+....
++
+Note on numbers in JSON output: Due to JSON parsers limitations all
+numbers are represented in a string format due to need of full 64bit
+unsigned integers.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_LUKSREMOVEKEY,ACTION_LUKSKILLSLOT,ACTION_LUKSDUMP,ACTION_REENCRYPT,ACTION_REPAIR,ACTION_LUKSRESUME,ACTION_RESIZE,ACTION_TCRYPTDUMP,ACTION_BITLKDUMP[]
+*--timeout, -t <number of seconds>*::
+The number of seconds to wait before timeout on passphrase input via
+terminal. It is relevant every time a passphrase is asked.
+It has no effect if used in conjunction with --key-file.
++
+This option is useful when the system should not stall if the user
+does not input a passphrase, e.g. during boot. The default is a value
+of 0 seconds, which means to wait forever.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSRESUME,ACTION_REENCRYPT[]
+*--tries, -T*::
+How often the input of the passphrase shall be retried. The default is 3 tries.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_REENCRYPT[]
+*--align-payload <number of 512 byte sectors>*::
+Align payload at a boundary of _value_ 512-byte sectors.
++
+If not specified, cryptsetup tries to use the topology info provided by
+the kernel for the underlying device to get the optimal alignment. If
+not available (or the calculated value is a multiple of the default)
+data is by default aligned to a 1MiB boundary (i.e. 2048 512-byte
+sectors).
++
+For a detached LUKS header, this option specifies the offset on the data
+device. See also the --header option.
++
+*WARNING:* This option is DEPRECATED and has often unexpected impact to
+the data offset and keyslot area size (for LUKS2) due to the complex
+rounding. For fixed data device offset use _--offset_ option instead.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSUUID,ACTION_REENCRYPT[]
+*--uuid <UUID>*::
+ifndef::ACTION_REENCRYPT[]
+Use the provided _UUID_ for the _luksFormat_ command instead of
+generating a new one. Changes the existing _UUID_ when used with the
+_luksUUID_ command.
++
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+When used in encryption mode use the provided _UUID_ for the new LUKS header
+instead of generating a new one.
++
+*LUKS1 (only in decryption mode)*:
+To find out what _UUID_ to pass look for temporary files LUKS-_UUID_.[|log|org|new]
+of the interrupted decryption process.
++
+endif::[]
+The _UUID_ must be provided in the standard UUID format, e.g.
+12345678-1234-1234-1234-123456789abc.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_REFRESH[]
+*--allow-discards*::
+Allow the use of discard (TRIM) requests for the device. This is also not
+supported for LUKS2 devices with data integrity protection.
++
+*WARNING:* This command can have a negative security impact because it
+can make filesystem-level operations visible on the physical device. For
+example, information leaking filesystem type, used space, etc. may be
+extractable from the physical device if the discarded blocks can be
+located later. If in doubt, do not use it.
++
+A kernel version of 3.1 or later is needed. For earlier kernels, this
+option is ignored.
+endif::[]
+
+ifdef::ACTION_REFRESH,ACTION_OPEN[]
+*--perf-same_cpu_crypt*::
+Perform encryption using the same cpu that IO was submitted on. The
+default is to use an unbound workqueue so that encryption work is
+automatically balanced between available CPUs.
++
+*NOTE:* This option is available only for low-level dm-crypt performance
+tuning, use only if you need a change to default dm-crypt behaviour.
+Needs kernel 4.0 or later.
+endif::[]
+
+ifdef::ACTION_REFRESH,ACTION_OPEN[]
+*--perf-submit_from_crypt_cpus*::
+Disable offloading writes to a separate thread after encryption. There
+are some situations where offloading write bios from the encryption
+threads to a single thread degrades performance significantly. The
+default is to offload write bios to the same thread.
++
+*NOTE:* This option is available only for low-level dm-crypt performance
+tuning, use only if you need a change to default dm-crypt behaviour.
+Needs kernel 4.0 or later.
+endif::[]
+
+ifdef::ACTION_REFRESH,ACTION_OPEN[]
+*--perf-no_read_workqueue, --perf-no_write_workqueue*::
+Bypass dm-crypt internal workqueue and process read or write requests
+synchronously.
++
+*NOTE:* These options are available only for low-level dm-crypt
+performance tuning, use only if you need a change to default dm-crypt
+behaviour. Needs kernel 5.9 or later.
+endif::[]
+
+ifdef::ACTION_OPEN[]
+*--test-passphrase*::
+Do not activate the device, just verify passphrase. The device mapping name is
+not mandatory if this option is used.
+endif::[]
+
+ifndef::ACTION_BENCHMARK,ACTION_BITLKDUMP[]
+*--header <device or file storing the LUKS header>*::
+ifndef::ACTION_OPEN[]
+Use a detached (separated) metadata device or file where the LUKS
+header is stored. This option allows one to store ciphertext and LUKS
+header on different devices.
++
+endif::[]
+ifdef::ACTION_OPEN[]
+Specify detached (separated) metadata device or file where the header is stored.
++
+*WARNING:* There is no check whether the ciphertext device specified
+actually belongs to the header given. In fact, you can specify an
+arbitrary device as the ciphertext device with the --header option.
+Use with care.
+endif::[]
+ifndef::ACTION_REENCRYPT[]
+ifdef::ACTION_LUKSFORMAT[]
+With a file name as the argument to --header, the file
+will be automatically created if it does not exist. See the cryptsetup
+FAQ for header size calculation.
++
+The --align-payload option is taken as absolute sector alignment on ciphertext
+device and can be zero.
+endif::[]
+ifndef::ACTION_LUKSFORMAT,ACTION_OPEN[]
+For commands that change the LUKS header (e.g. _luksAddKey_),
+specify the device or file with the LUKS header directly as the LUKS
+device.
+endif::[]
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+If used with --encrypt/--new option, the header file will be created (or overwritten).
+Use with care.
++
+*LUKS2*:
+For decryption mode the option may be used to export original LUKS2 header
+to a detached file. The passed future file must not exist at the time
+of initializing the decryption operation. This frees space in head of data
+device so that data can be moved at original LUKS2 header location. Later on
+decryption operation continues as if the ordinary detached header was passed.
++
+*WARNING:* Never put exported header file in a filesystem on top of device
+you are about to decrypt! It would cause a deadlock.
+endif::[]
+endif::[]
+
+ifdef::ACTION_LUKSHEADERBACKUP,ACTION_LUKSHEADERRESTORE[]
+*--header-backup-file <file>*::
+Specify file with header backup file.
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--force-offline-reencrypt (LUKS2 only)*::
+Bypass active device auto-detection and enforce offline reencryption.
++
+This option is useful especially for reencryption of LUKS2 images put in
+files (auto-detection is not reliable in this scenario).
++
+It may also help in case active device auto-detection on particular
+data device does not work or report errors.
++
+*WARNING:* Use with extreme caution! This may destroy data if the device
+is activated and/or actively used.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_REENCRYPT[]
+*--force-password*::
+Do not use password quality checking for new LUKS passwords.
++
+This option is ignored if cryptsetup is built without password
+quality checking support.
++
+For more info about password quality check, see the manual page for
+*pwquality.conf(5)* and *passwdqc.conf(5)*.
+endif::[]
+
+ifdef::ACTION_CLOSE[]
+*--deferred*::
+Defers device removal in _close_ command until the last user closes
+it.
+endif::[]
+
+ifdef::ACTION_CLOSE[]
+*--cancel-deferred*::
+Removes a previously configured deferred device removal in _close_
+command.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSRESUME,ACTION_RESIZE,ACTION_TOKEN[]
+*--disable-external-tokens*::
+Disable loading of plugins for external LUKS2 tokens.
+endif::[]
+
+ifndef::ACTION_BENCHMARK,ACTION_BITLKDUMP,ACTION_TCRYPTDUMP[]
+*--disable-locks*::
+Disable lock protection for metadata on disk. This option is valid
+only for LUKS2 and ignored for other formats.
++
+ifdef::ACTION_REENCRYPT[]
+*NOTE:* With locking disabled LUKS2 images in files can be fully (re)encrypted
+offline without need for super user privileges provided used block ciphers are
+available in crypto backend.
++
+endif::[]
+*WARNING:* Do not use this option unless you run cryptsetup in a
+restricted environment where locking is impossible to perform (where
+/run directory cannot be used).
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE,ACTION_REFRESH,ACTION_LUKSFORMAT,ACTION_LUKSRESUME,ACTION_TOKEN,ACTION_REENCRYPT[]
+*--disable-keyring*::
+Do not load volume key in kernel keyring and store it directly in the
+dm-crypt target instead. This option is supported only for the LUKS2 type.
+endif::[]
+
+ifdef::ACTION_TOKEN[]
+*--key-description <text>*::
+Set key description in keyring for use with _token_ command.
+endif::[]
+
+ifdef::ACTION_CONFIG[]
+*--priority <normal|prefer|ignore>*::
+Set a priority for LUKS2 keyslot. The _prefer_ priority marked slots
+are tried before _normal_ priority. The _ignored_ priority means, that
+slot is never used, if not explicitly requested by _--key-slot_
+option.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE,ACTION_LUKSRESUME,ACTION_TOKEN,ACTION_LUKSADDKEY[]
+*--token-id*::
+ifndef::ACTION_TOKEN,ACTION_LUKSADDKEY[]
+Specify what token to use and allow token PIN prompt to take precedence over interative
+keyslot passphrase prompt. If omitted, all available tokens (not protected by PIN)
+will be checked before proceeding further with passphrase prompt.
+endif::[]
+ifdef::ACTION_LUKSADDKEY[]
+Specify what token to use when unlocking existing keyslot to get volume key.
+endif::[]
+ifdef::ACTION_TOKEN[]
+Specify token number. If omitted, first unused token id is used when adding or importing
+new token.
+endif::[]
+endif::[]
+
+ifdef::ACTION_LUKSADDKEY[]
+*--new-token-id*::
+Specify what token to use to get the passphrase for a new keyslot.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE,ACTION_LUKSRESUME,ACTION_LUKSADDKEY[]
+*--token-only*::
+ifndef::ACTION_LUKSADDKEY[]
+Do not proceed further with action if token based keyslot unlock failed. Without the
+option, action asks for passphrase to proceed further.
++
+It allows LUKS2 tokens protected by PIN to take precedence over interactive keyslot
+passphrase prompt.
+endif::[]
+ifdef::ACTION_LUKSADDKEY[]
+Use only LUKS2 tokens to unlock existing volume key.
++
+*NOTE*: To create a new keyslot using passphrase provided by a token use --new-token-id parameter.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_RESIZE,ACTION_LUKSRESUME,ACTION_LUKSADDKEY[]
+*--token-type* _type_::
+ifndef::ACTION_LUKSADDKEY[]
+Restrict tokens eligible for operation to specific token _type_.
+Mostly useful when no --token-id is specified.
++
+It allows LUKS2 _type_ tokens protected by PIN to take precedence over interactive keyslot
+passphrase prompt.
+endif::[]
+ifdef::ACTION_LUKSADDKEY[]
+Specify what token type (all _type_ tokens) to use when unlocking existing keyslot to get volume key.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSFORMAT,ACTION_REENCRYPT[]
+ifndef::ACTION_REENCRYPT[]
+*--sector-size* _bytes_::
+endif::[]
+ifndef::ACTION_REENCRYPT[]
+ifdef::ACTION_OPEN[]
+Set encryption sector size for use with _plain_ device type. It must be power of two
+and in range 512 - 4096 bytes. The default mode is 512 bytes.
++
+Note that if sector size is higher than underlying device hardware
+sector, using this option can increase risk on incomplete sector writes during a
+power fail.
+endif::[]
+ifdef::ACTION_LUKSFORMAT[]
+Set sector size for use with disk encryption. It must be power of two
+and in range 512 - 4096 bytes. This option is available only with LUKS2
+format.
++
+For LUKS2 devices it's established based on parameters provided by
+underlying data device. For native 4K block devices it's 4096 bytes.
+For 4K/512e (4K physical sector size with 512 bytes emulation) it's
+4096 bytes. For drives reporting only 512 bytes block size it remains
+512 bytes. If data device is regular file put in filesystem it's 4096
+bytes.
++
+Note that if sector size is higher than underlying device hardware
+sector and there is not integrity protection that uses data journal,
+using this option can increase risk on incomplete sector writes during a
+power fail.
++
+If used together with _--integrity_ option and dm-integrity journal, the
+atomicity of writes is guaranteed in all cases (but it cost write
+performance - data has to be written twice).
+endif::[]
++
+Increasing sector size from 512 bytes to 4096 bytes can provide better
+performance on most of the modern storage devices and also with some hw
+encryption accelerators.
+endif::[]
+ifdef::ACTION_REENCRYPT[]
+*--sector-size* _bytes_ *(LUKS2 only)*::
+Reencrypt device with new encryption sector size enforced.
++
+*WARNING:* Increasing encryption sector size may break hosted filesystem. Do not
+run reencryption with --force-offline-reencrypt if unsure what block size
+was filesystem formatted with.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN[]
+*--iv-large-sectors*::
+Count Initialization Vector (IV) in larger sector size (if set)
+instead of 512 bytes sectors. This option can be used only with _plain_
+device type.
++
+*NOTE:* This option does not have any performance or security impact,
+use it only for accessing incompatible existing disk images from other
+systems that require this option.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_REFRESH[]
+*--persistent*::
+If used with LUKS2 devices and activation commands like _open_ or
+_refresh_, the specified activation flags are persistently written
+into metadata and used next time automatically even for normal
+activation. (No need to use cryptab or other system configuration
+files.)
++
+If you need to remove a persistent flag, use _--persistent_ without the
+flag you want to remove (e.g. to disable persistently stored discard
+flag, use _--persistent_ without _--allow-discards_).
++
+Only _--allow-discards_, _--perf-same_cpu_crypt_,
+_--perf-submit_from_crypt_cpus_, _--perf-no_read_workqueue_,
+_--perf-no_write_workqueue_ and _--integrity-no-journal_ can be stored
+persistently.
+endif::[]
+
+ifdef::ACTION_OPEN[]
+*--refresh*::
+Refreshes an active device with new set of parameters. See
+*cryptsetup-refresh*(8) for more details.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_CONFIG,ACTION_REENCRYPT[]
+*--label <LABEL> --subsystem <SUBSYSTEM>*::
+Set label and subsystem description for LUKS2 device.
+The label and subsystem are optional fields and can be later used
+in udev scripts for triggering user actions once the device marked
+by these labels is detected.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT[]
+*--integrity <integrity algorithm>*::
+Specify integrity algorithm to be used for authenticated disk
+encryption in LUKS2.
++
+*WARNING: This extension is EXPERIMENTAL* and requires dm-integrity
+kernel target (available since kernel version 4.12). For native AEAD
+modes, also enable "User-space interface for AEAD cipher algorithms" in
+"Cryptographic API" section (CONFIG_CRYPTO_USER_API_AEAD .config
+option).
++
+For more info, see _AUTHENTICATED DISK ENCRYPTION_ section in *cryptsetup*(8).
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT[]
+*--integrity-legacy-padding*::
+Use inefficient legacy padding.
++
+*WARNING*: Do not use this option until you need compatibility with specific
+old kernel.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_REENCRYPT[]
+*--luks2-metadata-size <size>*::
+This option can be used to enlarge the LUKS2 metadata (JSON) area. The
+size includes 4096 bytes for binary metadata (usable JSON area is
+smaller of the binary area). According to LUKS2 specification, only
+these values are valid: 16, 32, 64, 128, 256, 512, 1024, 2048 and 4096
+kB The <size> can be specified with unit suffix (for example 128k).
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_REENCRYPT[]
+*--luks2-keyslots-size <size>*::
+This option can be used to set specific size of the LUKS2 binary
+keyslot area (key material is encrypted there). The value must be
+aligned to multiple of 4096 bytes with maximum size 128MB. The <size>
+can be specified with unit suffix (for example 128k).
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_REENCRYPT[]
+*--keyslot-cipher <cipher-spec>*::
+This option can be used to set specific cipher encryption for the
+LUKS2 keyslot area.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT,ACTION_LUKSADDKEY,ACTION_LUKSCHANGEKEY,ACTION_LUKSCONVERTKEY,ACTION_REENCRYPT[]
+*--keyslot-key-size <bits>*::
+This option can be used to set specific key size for the LUKS2 keyslot
+area.
+endif::[]
+
+ifdef::ACTION_REFRESH[]
+*--integrity-no-journal*::
+Activate device with integrity protection without using data journal
+(direct write of data and integrity tags). Note that without journal
+power fail can cause non-atomic write and data corruption. Use only if
+journalling is performed on a different storage layer.
+endif::[]
+
+ifdef::ACTION_LUKSFORMAT[]
+*--integrity-no-wipe*::
+Skip wiping of device authentication (integrity) tags. If you skip
+this step, sectors will report invalid integrity tag until an
+application write to the sector.
++
+*NOTE:* Even some writes to the device can fail if the write is not
+aligned to page size and page-cache initiates read of a sector with
+invalid integrity tag.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_LUKSADDKEY,ACTION_LUKSDUMP,ACTION_TOKEN[]
+*--unbound*::
+ifdef::ACTION_LUKSADDKEY[]
+Creates new LUKS2 unbound keyslot.
+endif::[]
+ifdef::ACTION_LUKSDUMP[]
+Dumps existing LUKS2 unbound keyslot.
+endif::[]
+ifdef::ACTION_OPEN[]
+Allowed only together with --test-passphrase parameter, it allows one to test
+passphrase for unbound LUKS2 keyslot. Otherwise, unbound keyslot passphrase
+can be tested only when specific keyslot is selected via --key-slot parameter.
+endif::[]
+ifdef::ACTION_TOKEN[]
+Creates new LUKS2 keyring token assigned to no keyslot. Usable only with _add_ action.
+endif::[]
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_TCRYPTDUMP[]
+*--tcrypt-hidden*::
+*--tcrypt-system*::
+*--tcrypt-backup*::
+Specify which TrueCrypt on-disk
+header will be used to open the device. See _TCRYPT_ section in
+*cryptsetup*(8) for more info.
+endif::[]
+
+ifdef::ACTION_TCRYPTDUMP,ACTION_OPEN[]
+*--veracrypt*::
+This option is ignored as VeraCrypt compatible mode is supported by
+default.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_TCRYPTDUMP[]
+*--disable-veracrypt*::
+This option can be used to disable VeraCrypt compatible mode (only
+TrueCrypt devices are recognized). Only for TCRYPT extension. See
+_TCRYPT_ section in *cryptsetup*(8) for more info.
+endif::[]
+
+ifdef::ACTION_OPEN,ACTION_TCRYPTDUMP[]
+*--veracrypt-pim*::
+*--veracrypt-query-pim*::
+Use a custom Personal Iteration Multiplier (PIM) for
+VeraCrypt device. See _TCRYPT_ section in *cryptsetup*(8) for more info.
+endif::[]
+
+ifdef::ACTION_OPEN[]
+*--serialize-memory-hard-pbkdf*::
+Use a global lock to serialize unlocking of keyslots using memory-hard
+PBKDF.
++
+*NOTE:* This is (ugly) workaround for a specific situation when multiple
+devices are activated in parallel and system instead of reporting out of
+memory starts unconditionally stop processes using out-of-memory killer.
++
+*DO NOT USE* this switch until you are implementing boot environment
+with parallel devices activation!
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--encrypt, --new, -N*::
+Initialize (and run) device in-place encryption mode.
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--decrypt*::
+Initialize (and run) device decryption mode.
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--init-only (LUKS2 only)*::
+Initialize reencryption (any mode) operation in LUKS2 metadata only
+and exit. If any reencrypt operation is already initialized in
+metadata, the command with --init-only parameter fails.
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--resume-only (LUKS2 only)*::
+Resume reencryption (any mode) operation already described in LUKS2
+metadata. If no reencrypt operation is initialized, the command with
+--resume-only parameter fails. Useful for resuming reencrypt operation
+without accidentally triggering new reencryption operation.
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--resilience* _mode_ *(LUKS2 only)*::
+Reencryption resilience _mode_ can be one of _checksum_, _journal_ or
+_none_.
++
+_checksum_: default mode, where individual checksums of ciphertext
+hotzone sectors are stored, so the recovery process can detect which
+sectors were already reencrypted. It requires that the device sector
+write is atomic.
++
+_journal_: the hotzone is journaled in the binary area (so the data are
+written twice).
++
+_none_: performance mode. There is no protection and the only way it's
+safe to interrupt the reencryption is similar to old offline
+reencryption utility.
++
+Resilience modes can be changed unless _datashift_ mode is used for
+operation initialization (encryption with --reduce-device-size option)
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--resilience-hash* _hash_ *(LUKS2 only)*::
+The _hash_ algorithm used with "--resilience checksum" only. The default
+hash is sha256. With other resilience modes, the hash parameter is
+ignored.
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--hotzone-size* _size_ *(LUKS2 only)*::
+This option can be used to set an upper limit on the size of
+reencryption area (hotzone). The _size_ can be specified with unit
+suffix (for example 50M). Note that actual hotzone size may be less
+than specified <size> due to other limitations (free space in keyslots
+area or available memory).
++
+With decryption mode for devices with LUKS2 header placed in head of data
+device, the option specifies how large is the first data segment moved
+from original data offset pointer.
+endif::[]
+
+ifdef::ACTION_REENCRYPT[]
+*--reduce-device-size* _size_::
+This means that last _size_ sectors on the original device will be lost,
+data will be effectively shifted by specified number of sectors.
++
+It could be useful if you added some space to underlying partition or
+logical volume (so last _size_ sectors contains no data).
++
+For units suffix see --device-size parameter description.
++
+*WARNING:* This is a destructive operation and cannot be reverted. Use
+with extreme care - accidentally overwritten filesystems are usually
+unrecoverable.
++
+*LUKS2*:
+Initialize LUKS2 reencryption with data device size reduction
+(currently only encryption mode is supported).
++
+Recommended minimal size is twice the default LUKS2 header size
+(--reduce-device-size 32M) for encryption mode.
++
+*LUKS1*:
+Enlarge data offset to specified value by shrinking device size.
++
+You cannot shrink device more than by 64 MiB (131072 sectors).
+endif::[]
+
+ifdef::COMMON_OPTIONS[]
+*--batch-mode, -q*::
+Suppresses all confirmation questions. Use with care!
++
+If the --verify-passphrase option is not specified, this option also
+switches off the passphrase verification.
+endif::[]
+
+ifdef::COMMON_OPTIONS[]
+*--debug or --debug-json*::
+Run in debug mode with full diagnostic logs. Debug output lines are
+always prefixed by *#*.
++
+If --debug-json is used, additional LUKS2 JSON data structures are printed.
+endif::[]
+
+ifdef::COMMON_OPTIONS[]
+*--version, -V*::
+Show the program version.
+endif::[]
+
+ifdef::COMMON_OPTIONS[]
+*--usage*::
+Show short option help.
+endif::[]
+
+ifdef::COMMON_OPTIONS[]
+*--help, -?*::
+Show help text and default parameters.
+endif::[]
diff --git a/man/cryptsetup-benchmark.8.adoc b/man/cryptsetup-benchmark.8.adoc
new file mode 100644
index 0000000..caaacba
--- /dev/null
+++ b/man/cryptsetup-benchmark.8.adoc
@@ -0,0 +1,41 @@
+= cryptsetup-benchmark(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_BENCHMARK:
+
+== Name
+
+cryptsetup-benchmark - benchmarks ciphers and KDF
+
+== SYNOPSIS
+
+*cryptsetup _benchmark_ [<options>]*
+
+== DESCRIPTION
+
+Benchmarks ciphers and KDF (key derivation function). Without
+parameters, it tries to measure few common configurations.
+
+To benchmark other ciphers or modes, you need to specify *--cipher* and
+*--key-size* options.
+
+To benchmark PBKDF you need to specify *--pbkdf* or *--hash* with optional
+cost parameters *--iter-time*, *--pbkdf-memory* or *--pbkdf-parallel*.
+
+*NOTE:* This benchmark uses memory only and is only informative. You
+cannot directly predict real storage encryption speed from it.
+
+For testing block ciphers, this benchmark requires kernel userspace
+crypto API to be available (introduced in Linux kernel 2.6.38). If you
+are configuring kernel yourself, enable "User-space interface for
+symmetric key cipher algorithms" in "Cryptographic API" section
+(CRYPTO_USER_API_SKCIPHER .config option).
+
+*<options>* can be [--cipher, --key-size, --hash, --pbkdf, --iter-time,
+--pbkdf-memory, --pbkdf-parallel].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-bitlkDump.8.adoc b/man/cryptsetup-bitlkDump.8.adoc
new file mode 100644
index 0000000..6dc273f
--- /dev/null
+++ b/man/cryptsetup-bitlkDump.8.adoc
@@ -0,0 +1,34 @@
+= cryptsetup-bitlkDump(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_BITLKDUMP:
+
+== Name
+
+cryptsetup-bitlkDump - dump the header information of a BITLK (BitLocker compatible) device
+
+== SYNOPSIS
+
+*cryptsetup _bitlkDump_ [<options>] <device>*
+
+== DESCRIPTION
+
+Dump the header information of a BITLK (BitLocker compatible) device.
+
+If the --dump-volume-key option is used, the BITLK device volume key
+is dumped instead of header information. You have to provide password
+or keyfile to dump volume key.
+
+Beware that the volume key can be used to decrypt the data stored in
+the container without a passphrase.
+This means that if the volume key is compromised, the whole device has
+to be erased to prevent further access. Use this option carefully.
+
+*<options>* can be [--dump-volume-key, --volume-key-file, --key-file,
+--keyfile-offset, --keyfile-size, --timeout].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-close.8.adoc b/man/cryptsetup-close.8.adoc
new file mode 100644
index 0000000..28813d3
--- /dev/null
+++ b/man/cryptsetup-close.8.adoc
@@ -0,0 +1,30 @@
+= cryptsetup-close(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_CLOSE:
+
+== Name
+
+cryptsetup-close - removes the existing mapping <name> (and the associated key)
+
+== SYNOPSIS
+
+*cryptsetup _close_ [<options>] <name>*
+
+== DESCRIPTION
+
+Removes the existing mapping <name> and wipes the key from kernel
+memory.
+
+For backward compatibility, there are *close* command aliases: *remove*,
+*plainClose*, *luksClose*, *loopaesClose*, *tcryptClose*, *bitlkClose*
+(all behave exactly the same, device type is determined automatically
+from the active device).
+
+*<options>* can be [--deferred, --cancel-deferred, --header, --disable-locks].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-config.8.adoc b/man/cryptsetup-config.8.adoc
new file mode 100644
index 0000000..c664242
--- /dev/null
+++ b/man/cryptsetup-config.8.adoc
@@ -0,0 +1,30 @@
+= cryptsetup-config(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_CONFIG:
+
+== Name
+
+cryptsetup-config - set permanent configuration options (store to LUKS header)
+
+== SYNOPSIS
+
+*cryptsetup _config_ <options> <device>*
+
+== DESCRIPTION
+
+Set permanent configuration options (store to LUKS header). The _config_
+command is supported only for LUKS2.
+
+The permanent options can be _--priority_ to set priority (normal,
+prefer, ignore) for keyslot (specified by _--key-slot_) or _--label_ and
+_--subsystem_.
+
+*<options>* can be [--priority, --label, --subsystem, --key-slot,
+--header, --disable-locks].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-convert.8.adoc b/man/cryptsetup-convert.8.adoc
new file mode 100644
index 0000000..dbb4c23
--- /dev/null
+++ b/man/cryptsetup-convert.8.adoc
@@ -0,0 +1,37 @@
+= cryptsetup-convert(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_CONVERT:
+
+== Name
+
+cryptsetup-convert - converts the device between LUKS1 and LUKS2 format
+
+== SYNOPSIS
+
+*cryptsetup _convert_ --type <format> [<options>] <device>*
+
+== DESCRIPTION
+
+Converts the device between LUKS1 and LUKS2 format (if possible). The
+conversion will not be performed if there is an additional LUKS2 feature
+or LUKS1 has unsupported header size.
+
+Conversion (both directions) must be performed on inactive device. There
+must not be active dm-crypt mapping established for LUKS header
+requested for conversion.
+
+The *--type* option is mandatory with the following accepted values: _luks1_ or
+_luks2_.
+
+*WARNING:* The _convert_ action can destroy the LUKS header in the case
+of a crash during conversion or if a media error occurs. Always create a
+header backup before performing this operation!
+
+*<options>* can be [--header, --type, --disable-locks].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-erase.8.adoc b/man/cryptsetup-erase.8.adoc
new file mode 100644
index 0000000..97a13aa
--- /dev/null
+++ b/man/cryptsetup-erase.8.adoc
@@ -0,0 +1,28 @@
+= cryptsetup-erase(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_ERASE:
+
+== Name
+
+cryptsetup-erase, cryptsetup-luksErase - erase all keyslots
+
+== SYNOPSIS
+
+*cryptsetup _erase_ [<options>] <device>* +
+*cryptsetup _luksErase_ [<options>] <device>*
+
+== DESCRIPTION
+
+Erase all keyslots and make the LUKS container permanently inaccessible.
+You do not need to provide any password for this operation.
+
+*WARNING:* This operation is irreversible.
+
+*<options>* can be [--header, --disable-locks].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-fvault2Dump.8.adoc b/man/cryptsetup-fvault2Dump.8.adoc
new file mode 100644
index 0000000..0831899
--- /dev/null
+++ b/man/cryptsetup-fvault2Dump.8.adoc
@@ -0,0 +1,34 @@
+= cryptsetup-fvault2Dump(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_BITLKDUMP:
+
+== Name
+
+cryptsetup-fvault2Dump - dump the header information of a FVAULT2 (FileVault2 compatible) device
+
+== SYNOPSIS
+
+*cryptsetup _fvault2Dump_ [<options>] <device>*
+
+== DESCRIPTION
+
+Dump the header information of a FVAULT2 (FileVault2 compatible) device.
+
+If the --dump-volume-key option is used, the FVAULT2 device volume key
+is dumped instead of header information. You have to provide password
+or keyfile to dump volume key.
+
+Beware that the volume key can be used to decrypt the data stored in
+the container without a passphrase.
+This means that if the volume key is compromised, the whole device has
+to be erased to prevent further access. Use this option carefully.
+
+*<options>* can be [--dump-volume-key, --volume-key-file, --key-file,
+--keyfile-offset, --keyfile-size, --timeout].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-isLuks.8.adoc b/man/cryptsetup-isLuks.8.adoc
new file mode 100644
index 0000000..aac559c
--- /dev/null
+++ b/man/cryptsetup-isLuks.8.adoc
@@ -0,0 +1,29 @@
+= cryptsetup-isLuks(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_ISLUKS:
+
+== Name
+
+cryptsetup-isLuks - check if a device is a LUKS device
+
+== SYNOPSIS
+
+*cryptsetup _isLuks_ [<options>] <device>*
+
+== DESCRIPTION
+
+Returns true, if <device> is a LUKS device, false otherwise.
+
+Use option -v to get human-readable feedback.
+'Command successful.' means the device is a LUKS device.
+
+By specifying --type you may query for specific LUKS version.
+
+*<options>* can be [--header, --type, --disable-locks].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksAddKey.8.adoc b/man/cryptsetup-luksAddKey.8.adoc
new file mode 100644
index 0000000..9686a1d
--- /dev/null
+++ b/man/cryptsetup-luksAddKey.8.adoc
@@ -0,0 +1,71 @@
+= cryptsetup-luksAddKey(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSADDKEY:
+
+== Name
+
+cryptsetup-luksAddKey - add a new passphrase
+
+== SYNOPSIS
+
+*cryptsetup _luksAddKey_ [<options>] <device> [<key file with new key>]*
+
+== DESCRIPTION
+
+Adds a keyslot protected by a new passphrase. An existing passphrase
+must be supplied interactively, via --key-file or LUKS2 token (plugin).
+Alternatively to existing passphrase user may pass directly volume key
+(via --volume-key-file). The new passphrase to be added can be specified
+interactively, read from the file given as the positional argument (also
+via --new-keyfile parameter) or via LUKS2 token.
+
+*NOTE:* with --unbound option the action creates new unbound LUKS2
+keyslot. The keyslot cannot be used for device activation. If you don't
+pass new key via --volume-key-file option, new random key is generated.
+Existing passphrase for any active keyslot is not required.
+
+*NOTE:* some parameters are effective only if used with LUKS2 format
+that supports per-keyslot parameters. For LUKS1, PBKDF type and hash
+algorithm is always the same for all keyslots.
+
+*<options>* can be [--key-file, --keyfile-offset, --keyfile-size,
+--new-keyfile, --new-keyfile-offset, --new-keyfile-size, --key-slot,
+--new-key-slot, --volume-key-file, --force-password, --hash, --header,
+--disable-locks, --iter-time, --pbkdf, --pbkdf-force-iterations,
+--pbkdf-memory, --pbkdf-parallel, --unbound, --type, --keyslot-cipher,
+--keyslot-key-size, --key-size, --timeout, --token-id, --token-type,
+--token-only, --new-token-id, --verify-passphrase].
+
+include::man/common_options.adoc[]
+
+== EXAMPLES
+
+*NOTE*: When not specified otherwise interactive passphrase prompt is always default method.
+
+Add new keyslot using interactive passphrase prompt for both existing and new passphrase:
+
+*cryptsetup luksAddKey /dev/device*
+
+Add new keyslot using LUKS2 tokens to unlock existing keyslot with interactive passphrase prompt for new passphrase:
+
+*cryptsetup luksAddKey --token-only /dev/device*
+
+Add new keyslot using LUKS2 systemd-tpm2 tokens to unlock existing keyslot with interactive passphrase prompt for new passphrase (systemd-tpm2 token plugin must be available):
+
+*cryptsetup luksAddKey --token-type systemd-tpm2 /dev/device*
+
+Add new keyslot using interactive passphrase prompt for existing keyslot, reading new passphrase from key_file:
+
+*cryptsetup luksAddKey --new-keyfile key_file /dev/device* or
+*cryptsetup luksAddKey /dev/device key_file*
+
+Add new keyslot using volume stored in volume_key_file and LUKS2 token in slot 5 to get new keyslot passphrase (token in slot 5 must exist
+and respective token plugin must be available):
+
+*cryptsetup luksAddKey --volume-key-file volume_key_file --new-token-id 5 /dev/device*
+
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksChangeKey.8.adoc b/man/cryptsetup-luksChangeKey.8.adoc
new file mode 100644
index 0000000..7dd5f3b
--- /dev/null
+++ b/man/cryptsetup-luksChangeKey.8.adoc
@@ -0,0 +1,46 @@
+= cryptsetup-luksChangeKey(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSCHANGEKEY:
+
+== Name
+
+cryptsetup-luksChangeKey - change an existing passphrase
+
+== SYNOPSIS
+
+*cryptsetup _luksChangeKey_ [<options>] <device> [<new key file>]*
+
+== DESCRIPTION
+
+Changes an existing passphrase. The passphrase to be changed must be
+supplied interactively or via --key-file. The new passphrase can be
+supplied interactively or in a file given as the positional argument.
+
+If a key-slot is specified (via --key-slot), the passphrase for that
+key-slot must be given and the new passphrase will overwrite the
+specified key-slot. If no key-slot is specified and there is still a
+free key-slot, then the new passphrase will be put into a free key-slot
+before the key-slot containing the old passphrase is purged. If there is
+no free key-slot, then the key-slot with the old passphrase is
+overwritten directly.
+
+*WARNING:* If a key-slot is overwritten, a media failure during this
+operation can cause the overwrite to fail after the old passphrase has
+been wiped and make the LUKS container inaccessible.
+
+*NOTE:* some parameters are effective only if used with LUKS2 format
+that supports per-keyslot parameters. For LUKS1, PBKDF type and hash
+algorithm is always the same for all keyslots.
+
+*<options>* can be [--key-file, --keyfile-offset, --keyfile-size,
+--new-keyfile-offset, --iter-time, --pbkdf, --pbkdf-force-iterations,
+--pbkdf-memory, --pbkdf-parallel, --new-keyfile-size, --key-slot,
+--force-password, --hash, --header, --disable-locks, --type,
+--keyslot-cipher, --keyslot-key-size, --timeout, --verify-passphrase].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksConvertKey.8.adoc b/man/cryptsetup-luksConvertKey.8.adoc
new file mode 100644
index 0000000..c626542
--- /dev/null
+++ b/man/cryptsetup-luksConvertKey.8.adoc
@@ -0,0 +1,41 @@
+= cryptsetup-luksConvertKey(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSCONVERTKEY:
+
+== Name
+
+cryptsetup-luksConvertKey - converts an existing LUKS2 keyslot to new PBKDF parameters
+
+== SYNOPSIS
+
+*cryptsetup _luksConvertKey_ [<options>] <device>*
+
+== DESCRIPTION
+
+Converts an existing LUKS2 keyslot to new PBKDF parameters. The
+passphrase for keyslot to be converted must be supplied interactively or
+via --key-file. If no --pbkdf parameters are specified LUKS2 default
+PBKDF values will apply.
+
+If a keyslot is specified (via --key-slot), the passphrase for that
+keyslot must be given. If no keyslot is specified and there is still a
+free keyslot, then the new parameters will be put into a free keyslot
+before the keyslot containing the old parameters is purged. If there is
+no free keyslot, then the keyslot with the old parameters is overwritten
+directly.
+
+*WARNING:* If a keyslot is overwritten, a media failure during this
+operation can cause the overwrite to fail after the old parameters have
+been wiped and make the LUKS container inaccessible.
+
+*<options>* can be [--key-file, --keyfile-offset, --keyfile-size,
+--key-slot, --hash, --header, --disable-locks, --iter-time, --pbkdf,
+--pbkdf-force-iterations, --pbkdf-memory, --pbkdf-parallel,
+--keyslot-cipher, --keyslot-key-size, --timeout, --verify-passphrase].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksDump.8.adoc b/man/cryptsetup-luksDump.8.adoc
new file mode 100644
index 0000000..f9f3910
--- /dev/null
+++ b/man/cryptsetup-luksDump.8.adoc
@@ -0,0 +1,50 @@
+= cryptsetup-luksDump(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSDUMP:
+
+== Name
+
+cryptsetup-luksDump - dump the header information of a LUKS device
+
+== SYNOPSIS
+
+*cryptsetup _luksDump_ [<options>] <device>*
+
+== DESCRIPTION
+
+Dump the header information of a LUKS device.
+
+If the --dump-volume-key option is used, the LUKS device volume key is
+dumped instead of the keyslot info. Together with the --volume-key-file
+option, volume key is dumped to a file instead of standard output.
+Beware that the volume key cannot be changed without reencryption and
+can be used to decrypt the data stored in the LUKS container without a
+passphrase and even without the LUKS header. This means that if the
+volume key is compromised, the whole device has to be erased or
+reencrypted to prevent further access. Use this option carefully.
+
+To dump the volume key, a passphrase has to be supplied, either
+interactively or via --key-file.
+
+To dump unbound key (LUKS2 format only), --unbound parameter, specific
+--key-slot id and proper passphrase has to be supplied, either
+interactively or via --key-file. Optional --volume-key-file parameter
+enables unbound keyslot dump to a file.
+
+To dump LUKS2 JSON metadata (without basic header information like UUID)
+use --dump-json-metadata option.
+
+*<options>* can be [--dump-volume-key, --dump-json-metadata, --key-file,
+--keyfile-offset, --keyfile-size, --header, --disable-locks,
+--volume-key-file, --type, --unbound, --key-slot, --timeout].
+
+*WARNING:* If --dump-volume-key is used with --key-file and the argument
+to --key-file is '-', no validation question will be asked and no
+warning given.
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksFormat.8.adoc b/man/cryptsetup-luksFormat.8.adoc
new file mode 100644
index 0000000..be241f8
--- /dev/null
+++ b/man/cryptsetup-luksFormat.8.adoc
@@ -0,0 +1,51 @@
+= cryptsetup-luksFormat(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSFORMAT:
+
+== Name
+
+cryptsetup-luksFormat - initialize a LUKS partition and set the initial passphrase
+
+== SYNOPSIS
+
+*cryptsetup _luksFormat_ [<options>] <device> [<key file>]*
+
+== DESCRIPTION
+
+Initializes a LUKS partition and sets the initial passphrase (for
+key-slot 0), either via prompting or via <key file>. Note that if the
+second argument is present, then the passphrase is taken from the file
+given there, without the need to use the --key-file option. Also note
+that for both forms of reading the passphrase from a file you can give
+'-' as file name, which results in the passphrase being read from stdin
+and the safety-question being skipped.
+
+You cannot call luksFormat on a device or filesystem that is mapped or
+in use, e.g., mounted filesystem, used in LVM, active RAID member, etc. The
+device or filesystem has to be un-mounted in order to call luksFormat.
+
+To use specific version of LUKS format, use _--type luks1_ or _type luks2_.
+
+*<options>* can be [--hash, --cipher, --verify-passphrase, --key-size,
+--key-slot, --key-file (takes precedence over optional second argument),
+--keyfile-offset, --keyfile-size, --use-random, --use-urandom, --uuid,
+--volume-key-file, --iter-time, --header, --pbkdf-force-iterations,
+--force-password, --disable-locks, --timeout, --type, --offset,
+--align-payload (deprecated)].
+
+For LUKS2, additional *<options>* can be [--integrity,
+--integrity-no-wipe, --sector-size, --label, --subsystem, --pbkdf,
+--pbkdf-memory, --pbkdf-parallel, --disable-locks, --disable-keyring,
+--luks2-metadata-size, --luks2-keyslots-size, --keyslot-cipher,
+--keyslot-key-size, --integrity-legacy-padding].
+
+*WARNING:* Doing a luksFormat on an existing LUKS container will make
+all data in the old container permanently irretrievable unless you have a
+header backup.
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksHeaderBackup.8.adoc b/man/cryptsetup-luksHeaderBackup.8.adoc
new file mode 100644
index 0000000..1f57f25
--- /dev/null
+++ b/man/cryptsetup-luksHeaderBackup.8.adoc
@@ -0,0 +1,35 @@
+= cryptsetup-luksHeaderBackup(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSHEADERBACKUP:
+
+== Name
+
+cryptsetup-luksHeaderBackup - store a binary backup of the LUKS header and keyslot area
+
+== SYNOPSIS
+
+*cryptsetup _luksHeaderBackup_ --header-backup-file <file> [<options>] <device>*
+
+== DESCRIPTION
+
+Stores a binary backup of the LUKS header and keyslot area. +
+*NOTE:* Using '-' as filename writes the header backup to a file named
+'-'.
+
+*<options>* can be [--header, --header-backup-file, --disable-locks].
+
+*WARNING:* This backup file and a passphrase valid at the time of backup
+allows decryption of the LUKS data area, even if the passphrase was
+later changed or removed from the LUKS device. Also note that with a
+header backup you lose the ability to securely wipe the LUKS device by
+just overwriting the header and key-slots. You either need to securely
+erase all header backups in addition or overwrite the encrypted data
+area as well. The second option is less secure, as some sectors can
+survive, e.g., due to defect management.
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksHeaderRestore.8.adoc b/man/cryptsetup-luksHeaderRestore.8.adoc
new file mode 100644
index 0000000..e7fa8aa
--- /dev/null
+++ b/man/cryptsetup-luksHeaderRestore.8.adoc
@@ -0,0 +1,34 @@
+= cryptsetup-luksHeaderRestore(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSHEADERRESTORE:
+
+== Name
+
+cryptsetup-luksHeaderRestore - restore a binary backup of the LUKS header and keyslot area
+
+== SYNOPSIS
+
+*cryptsetup _luksHeaderRestore_ --header-backup-file <file> [<options>] <device>*
+
+== DESCRIPTION
+
+Restores a binary backup of the LUKS header and keyslot area from the
+specified file. +
+*NOTE:* Using '-' as filename reads the header backup from a file named '-'.
+
+*<options>* can be [--header, --header-backup-file, --disable-locks].
+
+*WARNING:* Header and keyslots will be replaced, only the passphrases
+from the backup will work afterward.
+
+This command requires that the volume key size and data offset of the
+LUKS header already on the device and of the header backup match.
+Alternatively, if there is no LUKS header on the device, the backup will
+also be written to it.
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksKillSlot.8.adoc b/man/cryptsetup-luksKillSlot.8.adoc
new file mode 100644
index 0000000..4575387
--- /dev/null
+++ b/man/cryptsetup-luksKillSlot.8.adoc
@@ -0,0 +1,40 @@
+= cryptsetup-luksKillSlot(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSKILLSLOT:
+
+== Name
+
+cryptsetup-luksKillSlot - wipe a key-slot from the LUKS device
+
+== SYNOPSIS
+
+*cryptsetup _luksKillSlot_ [<options>] <device> <key slot number>*
+
+== DESCRIPTION
+
+Wipe the key-slot number <key slot> from the LUKS device. Except running
+in batch-mode (-q) a remaining passphrase must be supplied, either
+interactively or via --key-file. This command can remove the last
+remaining key-slot, but requires an interactive confirmation when doing
+so. Removing the last passphrase makes a LUKS container permanently
+inaccessible.
+
+*<options>* can be [--key-file, --keyfile-offset, --keyfile-size,
+--header, --disable-locks, --type, --verify-passphrase, --timeout].
+
+*WARNING:* If you read the passphrase from stdin (without further
+argument or with '-' as an argument to --key-file), batch-mode (-q) will
+be implicitly switched on and no warning will be given when you remove
+the last remaining passphrase from a LUKS container. Removing the last
+passphrase makes the LUKS container permanently inaccessible.
+
+*NOTE:* If there is no passphrase provided (on stdin or through
+--key-file argument) and batch-mode (-q) is active, the key-slot is
+removed without any other warning.
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksRemoveKey.8.adoc b/man/cryptsetup-luksRemoveKey.8.adoc
new file mode 100644
index 0000000..b414f18
--- /dev/null
+++ b/man/cryptsetup-luksRemoveKey.8.adoc
@@ -0,0 +1,33 @@
+= cryptsetup-luksRemoveKey(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSREMOVEKEY:
+
+== Name
+
+cryptsetup-luksRemoveKey - remove the supplied passphrase from the LUKS device
+
+== SYNOPSIS
+
+*cryptsetup _luksRemoveKey_ [<options>] <device> [<key file with passphrase to be removed>]*
+
+== DESCRIPTION
+
+Removes the supplied passphrase from the LUKS device. The passphrase to
+be removed can be specified interactively, as the positional argument or
+via --key-file.
+
+*<options>* can be [--key-file, --keyfile-offset, --keyfile-size,
+--header, --disable-locks, --type, --timeout, --verify-passphrase].
+
+*WARNING:* If you read the passphrase from stdin (without further
+argument or with '-' as an argument to --key-file), batch-mode (-q) will
+be implicitly switched on and no warning will be given when you remove
+the last remaining passphrase from a LUKS container. Removing the last
+passphrase makes the LUKS container permanently inaccessible.
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksResume.8.adoc b/man/cryptsetup-luksResume.8.adoc
new file mode 100644
index 0000000..9d81cbc
--- /dev/null
+++ b/man/cryptsetup-luksResume.8.adoc
@@ -0,0 +1,29 @@
+= cryptsetup-luksResume(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSRESUME:
+
+== Name
+
+cryptsetup-luksResume - resume a suspended device and reinstate the key
+
+== SYNOPSIS
+
+*cryptsetup _luksResume_ [<options>] <name>*
+
+== DESCRIPTION
+
+Resumes a suspended device and reinstates the encryption key. Prompts
+interactively for a passphrase if no token is usable (LUKS2 only) or
+--key-file is not given.
+
+*<options>* can be [--key-file, --keyfile-size, --keyfile-offset,
+--key-slot, --header, --disable-keyring, --disable-locks, --token-id,
+--token-only, --token-type, --disable-external-tokens, --type, --tries,
+--timeout, --verify-passphrase].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksSuspend.8.adoc b/man/cryptsetup-luksSuspend.8.adoc
new file mode 100644
index 0000000..ed20681
--- /dev/null
+++ b/man/cryptsetup-luksSuspend.8.adoc
@@ -0,0 +1,33 @@
+= cryptsetup-luksSuspend(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSSUSPEND:
+
+== Name
+
+cryptsetup-luksSuspend - suspends an active device and wipes the key
+
+== SYNOPSIS
+
+*cryptsetup _luksSuspend_ [<options>] <name>*
+
+== DESCRIPTION
+
+Suspends an active device (all IO operations will block and accesses to
+the device will wait indefinitely) and wipes the encryption key from
+kernel memory. Needs kernel 2.6.19 or later.
+
+After this operation, you have to use _luksResume_ to reinstate the
+encryption key and unblock the device or _close_ to remove the mapped
+device.
+
+*<options>* can be [--header, --disable-locks].
+
+*WARNING:* Never suspend the device on which the cryptsetup binary
+resides.
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-luksUUID.8.adoc b/man/cryptsetup-luksUUID.8.adoc
new file mode 100644
index 0000000..8ffe9ff
--- /dev/null
+++ b/man/cryptsetup-luksUUID.8.adoc
@@ -0,0 +1,25 @@
+= cryptsetup-luksUUID(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_LUKSUUID:
+
+== Name
+
+cryptsetup-luksUUID - print or set the UUID of a LUKS device
+
+== SYNOPSIS
+
+*cryptsetup _luksUUID_ [<options>] <device>*
+
+== DESCRIPTION
+
+Print the UUID of a LUKS device. +
+Set new UUID if _--uuid_ option is specified.
+
+*<options>* can be [--header, --uuid, --type, --disable-locks].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-open.8.adoc b/man/cryptsetup-open.8.adoc
new file mode 100644
index 0000000..5e8e7a6
--- /dev/null
+++ b/man/cryptsetup-open.8.adoc
@@ -0,0 +1,165 @@
+= cryptsetup-open(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_OPEN:
+
+== Name
+
+cryptsetup-open, cryptsetup-create, cryptsetup-plainOpen, cryptsetup-luksOpen, cryptsetup-loopaesOpen, cryptsetup-tcryptOpen, cryptsetup-bitlkOpen, cryptsetup-fvault2Open - open an encrypted device and create a mapping with a specified name
+
+== SYNOPSIS
+
+*cryptsetup _open_ --type <device_type> [<options>] <device> <name>*
+
+== DESCRIPTION
+Opens (creates a mapping with) <name> backed by device <device>.
+
+Device type can be _plain_, _luks_ (default), _luks1_, _luks2_,
+_loopaes_ or _tcrypt_.
+
+For backward compatibility there are *open* command aliases:
+
+*create* (argument-order <name> <device>): open --type plain +
+*plainOpen*: open --type plain +
+*luksOpen*: open --type luks +
+*loopaesOpen*: open --type loopaes +
+*tcryptOpen*: open --type tcrypt +
+*bitlkOpen*: open --type bitlk
+
+*<options>* are type specific and are described below for individual
+device types. For *create*, the order of the <name> and <device> options
+is inverted for historical reasons, all other aliases use the standard
+*<device> <name>* order.
+
+=== PLAIN
+*open --type plain <device> <name>* +
+plainOpen <device> <name> (*old syntax*) +
+create <name> <device> (*OBSOLETE syntax*)
+
+Opens (creates a mapping with) <name> backed by device <device>.
+
+*<options>* can be [--hash, --cipher, --verify-passphrase, --sector-size,
+--key-file, --keyfile-size, --keyfile-offset, --key-size, --offset,
+--skip, --device-size, --size, --readonly, --shared, --allow-discards,
+--refresh, --timeout, --verify-passphrase, --iv-large-sectors].
+
+Example: 'cryptsetup open --type plain /dev/sda10 e1' maps the raw
+encrypted device /dev/sda10 to the mapped (decrypted) device
+/dev/mapper/e1, which can then be mounted, fsck-ed or have a filesystem
+created on it.
+
+=== LUKS
+*open <device> <name>* +
+open --type <luks1|luks2> <device> <name> (*explicit version request*) +
+luksOpen <device> <name> (*old syntax*)
+
+Opens the LUKS device <device> and sets up a mapping <name> after
+successful verification of the supplied passphrase.
+
+First, the passphrase is searched in LUKS2 tokens unprotected by PIN.
+If such token does not exist (or fails to unlock keyslot) and
+also the passphrase is not supplied via --key-file, the command
+prompts for passphrase interactively.
+
+If there is valid LUKS2 token but it requires PIN to unlock assigned keyslot,
+it is not used unless one of following options is added: --token-only,
+--token-type where type matches desired PIN protected token or --token-id with id
+matching PIN protected token.
+
+*<options>* can be [--key-file, --keyfile-offset, --keyfile-size,
+--readonly, --test-passphrase, --allow-discards, --header, --key-slot,
+--volume-key-file, --token-id, --token-only, --token-type,
+--disable-external-tokens, --disable-keyring, --disable-locks, --type,
+--refresh, --serialize-memory-hard-pbkdf, --unbound, --tries, --timeout,
+--verify-passphrase, --persistent].
+
+=== loopAES
+*open --type loopaes <device> <name> --key-file <keyfile>* +
+loopaesOpen <device> <name> --key-file <keyfile> (*old syntax*)
+
+Opens the loop-AES <device> and sets up a mapping <name>.
+
+If the key file is encrypted with GnuPG, then you have to use
+--key-file=- and decrypt it before use, e.g., like this: +
+gpg --decrypt <keyfile> | cryptsetup loopaesOpen --key-file=- <device>
+<name>
+
+*WARNING:* The loop-AES extension cannot use the direct input of the key
+file on the real terminal because the keys are separated by end-of-line and
+only part of the multi-key file would be read. +
+If you need it in script, just use the pipe redirection: +
+echo $keyfile | cryptsetup loopaesOpen --key-file=- <device> <name>
+
+Use *--keyfile-size* to specify the proper key length if needed.
+
+Use *--offset* to specify device offset. Note that the units need to be
+specified in number of 512 byte sectors.
+
+Use *--skip* to specify the IV offset. If the original device used an
+offset and but did not use it in IV sector calculations, you have to
+explicitly use *--skip 0* in addition to the offset parameter.
+
+Use *--hash* to override the default hash function for passphrase
+hashing (otherwise it is detected according to key size).
+
+*<options>* can be [--cipher, --key-file, --keyfile-size, --keyfile-offset,
+--key-size, --offset, --skip, --hash, --readonly, --allow-discards, --refresh].
+
+=== TrueCrypt and VeraCrypt
+*open --type tcrypt <device> <name>* +
+tcryptOpen <device> <name> (*old syntax*)
+
+Opens the TCRYPT (TrueCrypt and VeraCrypt compatible) <device> and sets
+up a mapping <name>.
+
+*<options>* can be [--key-file, --tcrypt-hidden, --tcrypt-system,
+--tcrypt-backup, --readonly, --test-passphrase, --allow-discards,
+--veracrypt (ignored), --disable-veracrypt, --veracrypt-pim,
+--veracrypt-query-pim, --header,
+--cipher, --hash, --tries, --timeout, --verify-passphrase].
+
+The keyfile parameter allows a combination of file content with the
+passphrase and can be repeated. Note that using keyfiles is compatible
+with TCRYPT and is different from LUKS keyfile logic.
+
+If *--cipher* or *--hash* options are used, only cipher chains or PBKDF2
+variants with the specified hash algorithms are checked. This could
+speed up unlocking the device (but also it reveals some information
+about the container).
+
+If you use *--header* in combination with hidden or system options, the
+header file must contain specific headers on the same positions as the
+original encrypted container.
+
+*WARNING:* Option *--allow-discards* cannot be combined with option
+*--tcrypt-hidden*. For normal mapping, it can cause the *destruction of
+hidden volume* (hidden volume appears as unused space for outer volume
+so this space can be discarded).
+
+=== BitLocker
+*open --type bitlk <device> <name>* +
+bitlkOpen <device> <name> (*old syntax*)
+
+Opens the BITLK (a BitLocker compatible) <device> and sets up a mapping
+<name>.
+
+*<options>* can be [--key-file, --keyfile-offset, --keyfile-size, --key-size,
+--readonly, --test-passphrase, --allow-discards --volume-key-file, --tries,
+--timeout, --verify-passphrase].
+
+=== FileVault2
+*open --type fvault2 <device> <name>* +
+fvault2Open <device> <name> (*old syntax*)
+
+Opens the FVAULT2 (a FileVault2 compatible) <device> and sets up a mapping
+<name>.
+
+*<options>* can be [--key-file, --keyfile-offset, --keyfile-size, --key-size,
+--readonly, --test-passphrase, --allow-discards --volume-key-file, --tries,
+--timeout, --verify-passphrase].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-reencrypt.8.adoc b/man/cryptsetup-reencrypt.8.adoc
new file mode 100644
index 0000000..154a469
--- /dev/null
+++ b/man/cryptsetup-reencrypt.8.adoc
@@ -0,0 +1,175 @@
+= cryptsetup-reencrypt(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_REENCRYPT:
+
+== Name
+
+cryptsetup-reencrypt - reencrypt LUKS encrypted volumes in-place
+
+== SYNOPSIS
+
+*cryptsetup _reencrypt_ [<options>] <device> or --active-name <name> [<new_name>]*
+
+== DESCRIPTION
+
+Run LUKS device reencryption.
+
+There are 3 basic modes of operation:
+
+* device reencryption (_reencrypt_)
+* device encryption (_reencrypt_ --encrypt/--new/-N)
+* device decryption (_reencrypt_ --decrypt)
+
+<device> or --active-name <name> (LUKS2 only) is mandatory parameter.
+
+Cryptsetup _reencrypt_ action can be used to change reencryption parameters
+which otherwise require full on-disk data change (re-encryption). The
+_reencrypt_ action reencrypts data on LUKS device in-place.
+
+You can regenerate *volume key* (the real key used in on-disk encryption
+unclocked by passphrase), *cipher*, *cipher mode* or *encryption sector size*
+(LUKS2 only).
+
+Reencryption process may be safely interrupted by a user via SIGINT
+signal (ctrl+c). Same applies to SIGTERM signal (i.e. issued by systemd
+during system shutdown).
+
+For in-place encryption mode, the _reencrypt_ action additionally takes all
+options available for _luksFormat_ action for respective LUKS version (see
+cryptsetup-luksFormat man page for more details). See *cryptsetup-luksFormat*(8).
+
+*NOTE* that for encrypt and decrypt mode, the whole device must be
+treated as unencrypted -- there are no quarantees of confidentiality as
+part of the device contains plaintext.
+
+*ALWAYS BE SURE YOU HAVE RELIABLE BACKUP BEFORE USING THIS ACTION ON LUKS DEVICE.*
+
+*<options>* can be [--batch-mode,
+--block-size,
+--cipher,
+--debug,
+--debug-json,
+--decrypt,
+--device-size,
+--disable-locks,
+--encrypt,
+--force-offline-reencrypt,
+--hash,
+--header,
+--hotzone-size,
+--iter-time,
+--init-only,
+--keep-key,
+--key-file,
+--key-size,
+--key-slot,
+--keyfile-offset,
+--keyfile-size,
+--tries,
+--timeout,
+--pbkdf,
+--pbkdf-force-iterations,
+--pbkdf-memory,
+--pbkdf-parallel,
+--progress-frequency,
+--progress-json,
+--reduce-device-size,
+--resilience,
+--resilience-hash,
+--resume-only,
+--sector-size,
+--use-directio,
+--use-random,
+--use-urandom,
+--use-fsync,
+--uuid,
+--verbose,
+--volume-key-file,
+--write-log].
+
+== LUKS2 REENCRYPTION
+
+With <device> parameter cryptsetup looks up active <device> dm mapping.
+If no active mapping is detected, it starts offline LUKS2 reencryption
+otherwise online reencryption takes place.
+
+To resume already initialized or interrupted reencryption, just run the
+cryptsetup _reencrypt_ command again to continue the reencryption
+operation. Reencryption may be resumed with different --resilience or
+--hotzone-size unless implicit datashift resilience mode is used: either
+encrypt mode with --reduce-device-size option or decrypt mode with
+original LUKS2 header exported in --header file.
+
+If the reencryption process was interrupted abruptly (reencryption
+process crash, system crash, poweroff) it may require recovery. The
+recovery is currently run automatically on next activation (action
+_open_) when needed or explicitly by user (action _repair_).
+
+Optional parameter <new_name> takes effect only with encrypt option
+and it activates device <new_name> immediately after encryption
+initialization gets finished. That's useful when device needs to be
+ready as soon as possible and mounted (used) before full data area
+encryption is completed.
+
+== LUKS1 REENCRYPTION
+
+Current working directory must be writable and temporary files created during
+reencryption must be present. During reencryption process the LUKS1 device is
+marked unavailable and must be offline (no dm-crypt mapping or mounted
+filesystem).
+
+*WARNING*: The LUKS1 reencryption code is not resistant to hardware
+or kernel failures during reencryption (you can lose your data in this case).
+
+include::man/common_options.adoc[]
+
+== EXAMPLES
+
+*NOTE*: You may drop *--type luks2* option as long as LUKS2 format is
+default.
+
+=== LUKS2 ENCRYPTION EXAMPLES
+
+Encrypt LUKS2 device (in-place). Make sure last 32 MiB on _/dev/plaintext_
+is unused (e.g.: does not contain filesystem data):
+
+*cryptsetup reencrypt --encrypt --type luks2 --reduce-device-size 32m /dev/plaintext_device*
+
+Encrypt LUKS2 device (in-place) with detached header put in a file:
+
+*cryptsetup reencrypt --encrypt --type luks2 --header my_luks2_header /dev/plaintext_device*
+
+Initialize LUKS2 in-place encryption operation only and activate the device (not yet encrypted):
+
+*cryptsetup reencrypt --encrypt --type luks2 --init-only --reduce-device-size 32m /dev/plaintext_device my_future_luks_device*
+
+Resume online encryption on device initialized in example above:
+
+*cryptsetup reencrypt --resume-only /dev/plaintext_device* or
+*cryptsetup reencrypt --active-name my_future_luks_device*
+
+=== LUKS2 REENCRYPTION EXAMPLES
+
+Reencrypt LUKS2 device (refresh volume key only):
+
+*cryptsetup reencrypt /dev/encrypted_device*
+
+=== LUKS2 DECRYPTION EXAMPLES
+
+Decrypt LUKS2 device with header put in head of data device (header file does not exist):
+
+*cryptsetup reencrypt --decrypt --header /export/header/to/file /dev/encrypted_device*
+
+Decrypt LUKS2 device with detached header (header file exists):
+
+*cryptsetup reencrypt --decrypt --header detached-luks2-header /dev/encrypted_device*
+
+Resume interrupted LUKS2 decryption:
+
+*cryptsetup reencrypt --resume-only --header luks2-hdr-file /dev/encrypted_device*
+
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-refresh.8.adoc b/man/cryptsetup-refresh.8.adoc
new file mode 100644
index 0000000..b79a80a
--- /dev/null
+++ b/man/cryptsetup-refresh.8.adoc
@@ -0,0 +1,53 @@
+= cryptsetup-refresh(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_REFRESH:
+
+== Name
+
+cryptsetup-refresh - refresh parameters of an active mapping
+
+== SYNOPSIS
+
+*cryptsetup _refresh_ [<options>] <name>*
+
+== DESCRIPTION
+
+Refreshes parameters of active mapping <name>.
+
+Updates parameters of active device <name> without the need to deactivate
+the device (and umount filesystem). Currently, it supports parameters
+refresh on following devices: LUKS1, LUKS2 (including authenticated
+encryption), plain crypt and loop-AES.
+
+Mandatory parameters are identical to those of an open action for
+the respective device type.
+
+You may change following parameters on all devices
+--perf-same_cpu_crypt, --perf-submit_from_crypt_cpus,
+--perf-no_read_workqueue, --perf-no_write_workqueue and
+--allow-discards.
+
+Refreshing the device without any optional parameter will refresh the device
+with default setting (respective to device type).
+
+*LUKS2 only:*
+
+The --integrity-no-journal parameter affects only LUKS2 devices with
+the underlying dm-integrity device.
+
+Adding option --persistent stores any combination of device parameters
+above in LUKS2 metadata (only after successful refresh operation).
+
+The --disable-keyring parameter refreshes a device with volume key passed in
+dm-crypt driver.
+
+*<options>* can be [--allow-discards, --perf-same_cpu_crypt, --perf-submit_from_crypt_cpus,
+--perf-no_read_workqueue, --perf-no_write_workqueue, --header, --disable-keyring,
+--disable-locks, --persistent, --integrity-no-journal].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-repair.8.adoc b/man/cryptsetup-repair.8.adoc
new file mode 100644
index 0000000..22ad9cb
--- /dev/null
+++ b/man/cryptsetup-repair.8.adoc
@@ -0,0 +1,43 @@
+= cryptsetup-repair(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_REPAIR:
+
+== Name
+
+cryptsetup-repair - repair the device metadata
+
+== SYNOPSIS
+
+*cryptsetup _repair_ [<options>] <device>*
+
+== DESCRIPTION
+
+Tries to repair the device metadata if possible. Currently supported
+only for LUKS device type.
+
+This command is useful to fix some known benign LUKS metadata header
+corruptions. Only basic corruptions of unused keyslot are fixable. This
+command will only change the LUKS header, not any key-slot data. You may
+enforce LUKS version by adding --type option.
+
+It also repairs (upgrades) LUKS2 reencryption metadata by adding
+a metadata digest that protects it against malicious changes.
+
+If LUKS2 reencryption was interrupted in the middle of writing
+reencryption segment the repair command can be used to perform
+reencryption recovery so that reencryption can continue later.
+Repairing reencryption requires verification of reencryption
+keyslot so passphrase or keyfile is needed.
+
+*<options>* can be [--timeout, --verify-passphrase, --disable-locks,
+--type, --header, --key-file, --keyfile-size, --keyfile-offset, --key-slot].
+
+*WARNING:* Always create a binary backup of the original header before
+calling this command.
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-resize.8.adoc b/man/cryptsetup-resize.8.adoc
new file mode 100644
index 0000000..4cff482
--- /dev/null
+++ b/man/cryptsetup-resize.8.adoc
@@ -0,0 +1,42 @@
+= cryptsetup-resize(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_RESIZE:
+
+== Name
+
+cryptsetup-resize - resize an active mapping
+
+== SYNOPSIS
+
+*cryptsetup _resize_ [<options>] <name>*
+
+== DESCRIPTION
+
+Resizes an active mapping <name>.
+
+If --size (in 512-bytes sectors) or --device-size are not specified, the
+size is computed from the underlying device. For LUKS it is the size of
+the underlying device without the area reserved for LUKS header (see
+data payload offset in *luksDump* command). For plain crypt device, the
+whole device size is used.
+
+Note that this does not change the raw device geometry, it just changes
+how many sectors of the raw device are represented in the mapped device.
+
+If cryptsetup detected volume key for active device loaded in kernel
+keyring service, resize action would first try to retrieve the key using
+a token. Only if it failed, it'd ask for a passphrase to unlock a
+keyslot (LUKS) or to derive a volume key again (plain mode). The kernel
+keyring is used by default for LUKS2 devices.
+
+*<options>* can be [--size, --device-size, --token-id, --token-only,
+--token-type, --key-slot, --key-file, --keyfile-size, --keyfile-offset,
+--timeout, --disable-external-tokens, --disable-locks, --disable-keyring,
+--verify-passphrase, --timeout].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-ssh.8.adoc b/man/cryptsetup-ssh.8.adoc
new file mode 100644
index 0000000..f71f856
--- /dev/null
+++ b/man/cryptsetup-ssh.8.adoc
@@ -0,0 +1,80 @@
+= cryptsetup-ssh(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup-ssh {release-version}
+:man-linkstyle: pass:[blue R < >]
+
+== NAME
+
+cryptsetup-ssh - manage LUKS2 SSH token
+
+== SYNOPSIS
+
+*cryptsetup-ssh <action> [<options>] <action args>*
+
+== DESCRIPTION
+
+Experimental cryptsetup plugin for unlocking LUKS2 devices with token
+connected to an SSH server.
+
+This plugin currently allows only adding a token to an existing key
+slot. See *cryptsetup(8)* for instructions on how to remove, import or
+export the token.
+
+=== Add operation
+
+*add <options> <device>*
+
+Adds the SSH token to *<device>*.
+
+The specified SSH server must contain a key file on the specified path with
+a passphrase for an existing key slot on the device. Provided
+credentials will be used by cryptsetup to get the password when opening
+the device using the token.
+
+Options --ssh-server, --ssh-user, --ssh-keypath and --ssh-path are
+required for this operation.
+
+== OPTIONS
+
+**--key-slot**=_NUM_::
+Keyslot to assign the token to. If not specified, the token will be
+assigned to the first key slot matching provided passphrase.
+
+**--ssh-keypath**=_STRING_::
+Path to the SSH key for connecting to the remote server.
+
+**--ssh-path**=_STRING_::
+Path to the key file on the remote server.
+
+**--ssh-server**=_STRING_::
+IP address/URL of the remote server for this token.
+
+**--ssh-user**=_STRING_::
+Username used for the remote server.
+
+*--debug*::
+Show debug messages
+
+*--debug-json*::
+Show debug messages including JSON metadata
+
+*--verbose, -v*::
+Shows more detailed error messages
+
+*--help, -?*::
+Show help
+
+*--version, -V*::
+Print program version
+
+== NOTES
+
+The information provided when adding the token (SSH server address, user
+and paths) will be stored in the LUKS2 header in plaintext.
+
+== AUTHORS
+
+The cryptsetup-ssh tool is written by Vojtech Trefny.
+
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-status.8.adoc b/man/cryptsetup-status.8.adoc
new file mode 100644
index 0000000..1152f55
--- /dev/null
+++ b/man/cryptsetup-status.8.adoc
@@ -0,0 +1,24 @@
+= cryptsetup-status(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_STATUS:
+
+== Name
+
+cryptsetup-status - report the status for a mapping
+
+== SYNOPSIS
+
+*cryptsetup _status_ [<options>] <name>*
+
+== DESCRIPTION
+
+Reports the status for the mapping <name>.
+
+*<options>* can be [--header, --disable-locks].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-tcryptDump.8.adoc b/man/cryptsetup-tcryptDump.8.adoc
new file mode 100644
index 0000000..51d5041
--- /dev/null
+++ b/man/cryptsetup-tcryptDump.8.adoc
@@ -0,0 +1,37 @@
+= cryptsetup-tcryptDump(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_TCRYPTDUMP:
+
+== Name
+
+cryptsetup-tcryptDump - dump the header information of a TCRYPT (TrueCrypt or VeraCrypt compatible) device
+
+== SYNOPSIS
+
+*cryptsetup _tcryptDump_ [<options>] <device>*
+
+== DESCRIPTION
+
+Dump the header information of a TCRYPT (TrueCrypt or VeraCrypt compatible) device.
+
+If the --dump-volume-key option is used, the TCRYPT device volume key is
+dumped instead of TCRYPT header info. Beware that the volume key (or
+concatenated volume keys if cipher chain is used) can be used to decrypt
+the data stored in the TCRYPT container without a passphrase. This means
+that if the volume key is compromised, the whole device has to be erased
+to prevent further access. Use this option carefully.
+
+*<options>* can be [--dump-volume-key, --key-file, --tcrypt-hidden,
+--tcrypt-system, --tcrypt-backup, --veracrypt (ignored), --disable-veracrypt,
+--veracrypt-pim, --veracrypt-query-pim, --cipher, --hash, --header,
+--verify-passphrase, --timeout].
+
+The keyfile parameter allows a combination of file content with the
+passphrase and can be repeated.
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup-token.8.adoc b/man/cryptsetup-token.8.adoc
new file mode 100644
index 0000000..7a3a069
--- /dev/null
+++ b/man/cryptsetup-token.8.adoc
@@ -0,0 +1,55 @@
+= cryptsetup-token(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+:COMMON_OPTIONS:
+:ACTION_TOKEN:
+
+== Name
+
+cryptsetup-token - manage LUKS2 tokens
+
+== SYNOPSIS
+
+*cryptsetup _token_ <add|remove|import|export|unassign> [<options>] <device>*
+
+== DESCRIPTION
+
+Action _add_ creates a new keyring token to enable auto-activation of the
+device. For the auto-activation, the passphrase must be stored in
+keyring with the specified description. Usually, the passphrase should
+be stored in _user_ or _user-session_ keyring. The _token_ command is
+supported only for LUKS2.
+
+For adding new keyring token, option --key-description is mandatory.
+Also, new token is assigned to key slot specified with --key-slot option
+or to all active key slots in the case --key-slot option is omitted.
+
+To remove existing token, specify the token ID which should be removed
+with --token-id option.
+
+*WARNING:* The action _token remove_ removes any token type, not just
+_keyring_ type from token slot specified by --token-id option.
+
+Action _import_ can store arbitrary valid token json in LUKS2 header. It
+may be passed via standard input or via file passed in --json-file
+option. If you specify --key-slot then successfully imported token is
+also assigned to the key slot.
+
+Action _export_ writes requested token JSON to a file passed with
+--json-file or to standard output.
+
+Action _unassign_ removes token binding to specified keyslot. Both token
+and keyslot must be specified by --token-id and --key-slot parameters.
+
+If --token-id is used with action _add_ or action _import_ and a token
+with that ID already exists, option --token-replace can be used to
+replace the existing token.
+
+*<options>* can be [--header, --token-id, --key-slot, --key-description,
+--disable-external-tokens, --disable-locks, --disable-keyring,
+--json-file, --token-replace, --unbound].
+
+include::man/common_options.adoc[]
+include::man/common_footer.adoc[]
diff --git a/man/cryptsetup.8.adoc b/man/cryptsetup.8.adoc
new file mode 100644
index 0000000..ddd3a12
--- /dev/null
+++ b/man/cryptsetup.8.adoc
@@ -0,0 +1,729 @@
+= cryptsetup(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: cryptsetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+
+== Name
+
+cryptsetup - manage plain dm-crypt, LUKS, and other encrypted volumes
+
+== SYNOPSIS
+
+*cryptsetup <action> [<options>] <action args>*
+
+== DESCRIPTION
+
+cryptsetup is used to conveniently setup dm-crypt managed device-mapper
+mappings. These include plain dm-crypt volumes and LUKS volumes. The
+difference is that LUKS uses a metadata header and can hence offer more
+features than plain dm-crypt. On the other hand, the header is visible
+and vulnerable to damage.
+
+In addition, cryptsetup provides limited support for the use of loop-AES
+volumes, TrueCrypt, VeraCrypt, BitLocker and FileVault2 compatible volumes.
+
+For more information about specific cryptsetup action see
+*cryptsetup-<action>*(8), where *<action>* is the name of the
+cryptsetup action.
+
+== BASIC ACTIONS
+
+The following are valid actions for all supported device types.
+
+=== OPEN
+*open <device> <name> --type <device_type>*
+
+Opens (creates a mapping with) <name> backed by device <device>. +
+See *cryptsetup-open*(8).
+
+=== CLOSE
+*close <name>*
+
+Removes the existing mapping <name> and wipes the key from kernel memory. +
+See *cryptsetup-close*(8).
+
+=== STATUS
+*status <name>*
+
+Reports the status for the mapping <name>. +
+See *cryptsetup-status*(8).
+
+=== RESIZE
+*resize <name>*
+
+Resizes an active mapping <name>. +
+See *cryptsetup-resize*(8).
+
+=== REFRESH
+*refresh <name>*
+
+Refreshes parameters of active mapping <name>. +
+See *cryptsetup-refresh*(8).
+
+=== REENCRYPT
+*reencrypt <device> or --active-name <name> [<new_name>]*
+
+Run LUKS device reencryption. +
+See *cryptsetup-reencrypt*(8).
+
+== PLAIN MODE
+
+Plain dm-crypt encrypts the device sector-by-sector with a single,
+non-salted hash of the passphrase. No checks are performed, no metadata
+is used. There is no formatting operation. When the raw device is mapped
+(opened), the usual device operations can be used on the mapped device,
+including filesystem creation. Mapped devices usually reside in
+/dev/mapper/<name>.
+
+The following are valid plain device type actions:
+
+=== OPEN
+*open --type plain <device> <name>* +
+create <name> <device> (*OBSOLETE syntax*)
+
+Opens (creates a mapping with) <name> backed by device <device>. +
+See *cryptsetup-open*(8).
+
+== LUKS EXTENSION
+
+LUKS, the Linux Unified Key Setup, is a standard for disk encryption. It
+adds a standardized header at the start of the device, a key-slot area
+directly behind the header and the bulk data area behind that. The whole
+set is called a 'LUKS container'. The device that a LUKS container
+resides on is called a 'LUKS device'. For most purposes, both terms can
+be used interchangeably. But note that when the LUKS header is at a
+nonzero offset in a device, then the device is not a LUKS device
+anymore, but has a LUKS container stored in it at an offset.
+
+LUKS can manage multiple passphrases that can be individually revoked or
+changed and that can be securely scrubbed from persistent media due to
+the use of anti-forensic stripes. Passphrases are protected against
+brute-force and dictionary attacks by Password-Based Key Derivation
+Function (PBKDF).
+
+LUKS2 is a new version of header format that allows additional
+extensions like different PBKDF algorithm or authenticated encryption.
+You can format device with LUKS2 header if you specify *--type luks2* in
+*luksFormat* command. For activation, the format is already recognized
+automatically.
+
+Each passphrase, also called a *key* in this document, is associated
+with one of 8 key-slots. Key operations that do not specify a slot
+affect the first slot that matches the supplied passphrase or the first
+empty slot if a new passphrase is added.
+
+The *<device>* parameter can also be specified by a LUKS UUID in the
+format UUID=<uuid>. Translation to real device name uses symlinks in
+/dev/disk/by-uuid directory.
+
+To specify a detached header, the *--header* parameter can be used in
+all LUKS commands and always takes precedence over the positional
+*<device>* parameter.
+
+The following are valid LUKS actions:
+
+=== FORMAT
+*luksFormat <device> [<key file>]*
+
+Initializes a LUKS partition and sets the initial passphrase (for key-slot 0). +
+See *cryptsetup-luksFormat*(8).
+
+=== OPEN
+*open --type luks <device> <name>* +
+luksOpen <device> <name> (*old syntax*)
+
+Opens the LUKS device <device> and sets up a mapping <name> after
+successful verification of the supplied passphrase. +
+See *cryptsetup-open*(8).
+
+=== SUSPEND
+*luksSuspend <name>*
+
+Suspends an active device (all IO operations will block and accesses to
+the device will wait indefinitely) and wipes the encryption key from
+kernel memory. +
+See *cryptsetup-luksSuspend*(8).
+
+=== RESUME
+*luksResume <name>*
+
+Resumes a suspended device and reinstates the encryption key. +
+See *cryptsetup-luksResume*(8).
+
+=== ADD KEY
+*luksAddKey <device> [<key file with new key>]*
+
+Adds a new passphrase using an existing passphrase. +
+See *cryptsetup-luksAddKey*(8).
+
+=== REMOVE KEY
+*luksRemoveKey <device> [<key file with passphrase to be removed>]*
+
+Removes the supplied passphrase from the LUKS device. +
+See *cryptsetup-luksRemoveKey*(8).
+
+=== CHANGE KEY
+*luksChangeKey <device> [<new key file>]*
+
+Changes an existing passphrase. +
+See *cryptsetup-luksChangeKey*(8).
+
+=== CONVERT KEY
+*luksConvertKey <device>*
+
+Converts an existing LUKS2 keyslot to new PBKDF parameters. +
+See *cryptsetup-luksConvertKey*(8).
+
+=== KILL SLOT
+*luksKillSlot <device> <key slot number>*
+
+Wipe the key-slot number <key slot> from the LUKS device. +
+See *cryptsetup-luksKillSlot*(8).
+
+=== ERASE
+*erase <device>* +
+luksErase <device> (*old syntax*)
+
+Erase all keyslots and make the LUKS container permanently inaccessible. +
+See *cryptsetup-erase*(8).
+
+=== UUID
+*luksUUID <device>*
+
+Print or set the UUID of a LUKS device. +
+See *cryptsetup-luksUUID*(8).
+
+=== IS LUKS
+*isLuks <device>*
+
+Returns true, if <device> is a LUKS device, false otherwise. +
+See *cryptsetup-isLuks*(8).
+
+=== DUMP
+*luksDump <device>*
+
+Dump the header information of a LUKS device. +
+See *cryptsetup-luksDump*(8).
+
+=== HEADER BACKUP
+*luksHeaderBackup <device> --header-backup-file <file>*
+
+Stores a binary backup of the LUKS header and keyslot area. +
+See *cryptsetup-luksHeaderBackup*(8).
+
+=== HEADER RESTORE
+*luksHeaderRestore <device> --header-backup-file <file>*
+
+Restores a binary backup of the LUKS header and keyslot area from the
+specified file. +
+See *cryptsetup-luksHeaderRestore*(8).
+
+=== TOKEN
+*token <add|remove|import|export> <device>*
+
+Manipulate token objects used for obtaining passphrases. +
+See *cryptsetup-token*(8).
+
+=== CONVERT
+*convert <device> --type <format>*
+
+Converts the device between LUKS1 and LUKS2 format (if possible). +
+See *cryptsetup-convert*(8).
+
+=== CONFIG
+*config <device>*
+
+Set permanent configuration options (store to LUKS header). +
+See *cryptsetup-config*(8).
+
+== loop-AES EXTENSION
+
+cryptsetup supports mapping loop-AES encrypted partition using a
+compatibility mode.
+
+=== OPEN
+*open --type loopaes <device> <name> --key-file <keyfile>* +
+loopaesOpen <device> <name> --key-file <keyfile> (*old syntax*)
+
+Opens the loop-AES <device> and sets up a mapping <name>. +
+See *cryptsetup-open*(8).
+
+See also section 7 of the FAQ and http://loop-aes.sourceforge.net[loop-AES]
+for more information regarding loop-AES.
+
+== TCRYPT (TrueCrypt and VeraCrypt compatible) EXTENSION
+
+cryptsetup supports mapping of TrueCrypt, tcplay or VeraCrypt encrypted
+partition using a native Linux kernel API. Header formatting and TCRYPT
+header change is not supported, cryptsetup never changes TCRYPT header
+on-device.
+
+TCRYPT extension requires kernel userspace crypto API to be available
+(introduced in Linux kernel 2.6.38). If you are configuring kernel
+yourself, enable "User-space interface for symmetric key cipher
+algorithms" in "Cryptographic API" section
+(CRYPTO_USER_API_SKCIPHER .config option).
+
+Because TCRYPT header is encrypted, you have to always provide valid
+passphrase and keyfiles.
+
+Cryptsetup should recognize all header variants, except legacy cipher
+chains using LRW encryption mode with 64 bits encryption block (namely
+Blowfish in LRW mode is not recognized, this is limitation of kernel
+crypto API).
+
+VeraCrypt is extension of TrueCrypt header with increased iteration
+count so unlocking can take quite a lot of time.
+
+To open a VeraCrypt device with a custom Personal Iteration Multiplier
+(PIM) value, use either the *--veracrypt-pim=<PIM>* option to directly
+specify the PIM on the command- line or use *--veracrypt-query-pim* to
+be prompted for the PIM.
+
+The PIM value affects the number of iterations applied during key
+derivation. Please refer to
+https://www.veracrypt.fr/en/Personal%20Iterations%20Multiplier%20%28PIM%29.html[PIM]
+for more detailed information.
+
+If you need to disable VeraCrypt device support, use
+*--disable-veracrypt* option.
+
+*NOTE:* Activation with *tcryptOpen* is supported only for cipher chains
+using LRW or XTS encryption modes.
+
+The *tcryptDump* command should work for all recognized TCRYPT devices
+and doesn't require superuser privilege.
+
+To map system device (device with boot loader where the whole encrypted
+system resides) use *--tcrypt-system* option. You can use partition
+device as the parameter (parameter must be real partition device, not an
+image in a file), then only this partition is mapped.
+
+If you have the whole TCRYPT device as a file image and you want to map
+multiple partition encrypted with system encryption, please create
+loopback mapping with partitions first (*losetup -P*, see *losetup(8)*
+man page for more info), and use loop partition as the device parameter.
+
+If you use the whole base device as a parameter, one device for the
+whole system encryption is mapped. This mode is available only for
+backward compatibility with older cryptsetup versions which mapped
+TCRYPT system encryption using the whole device.
+
+To use hidden header (and map hidden device, if available), use
+*--tcrypt-hidden* option.
+
+To explicitly use backup (secondary) header, use *--tcrypt-backup*
+option.
+
+*NOTE:* There is no protection for a hidden volume if the outer volume
+is mounted. The reason is that if there were any protection, it would
+require some metadata describing what to protect in the outer volume and
+the hidden volume would become detectable.
+
+=== OPEN
+*open --type tcrypt <device> <name>* +
+tcryptOpen_ <device> <name> (*old syntax*)
+
+Opens the TCRYPT (a TrueCrypt-compatible) <device> and sets up a mapping
+<name>. +
+See *cryptsetup-open*(8).
+
+=== DUMP
+*tcryptDump <device>*
+
+Dump the header information of a TCRYPT device. +
+See *cryptsetup-tcryptDump*(8).
+
+See also https://en.wikipedia.org/wiki/TrueCrypt[*TrueCrypt*] and
+https://en.wikipedia.org/wiki/VeraCrypt[*VeraCrypt*] pages for more information.
+
+Please note that cryptsetup does not use TrueCrypt or VeraCrypt code, please
+report all problems related to this compatibility extension to the cryptsetup
+project.
+
+== BITLK (Windows BitLocker compatible) EXTENSION
+
+cryptsetup supports mapping of BitLocker and BitLocker to Go encrypted
+partition using a native Linux kernel API. Header formatting and BITLK
+header changes are not supported, cryptsetup never changes BITLK header
+on-device.
+
+BITLK extension requires kernel userspace crypto API to be available
+(for details see TCRYPT section).
+
+Cryptsetup should recognize all BITLK header variants, except legacy
+header used in Windows Vista systems and partially decrypted BitLocker
+devices. Activation of legacy devices encrypted in CBC mode requires at
+least Linux kernel version 5.3 and for devices using Elephant diffuser
+kernel 5.6.
+
+The *bitlkDump* command should work for all recognized BITLK devices and
+doesn't require superuser privilege.
+
+For unlocking with the *open* a password or a recovery passphrase or a
+startup key must be provided.
+
+Additionally unlocking using volume key is supported. You must provide
+BitLocker Full Volume Encryption Key (FVEK) using the --volume-key-file
+option. The key must be decrypted and without the header (only
+128/256/512 bits of key data depending on used cipher and mode).
+
+Other unlocking methods (TPM, SmartCard) are not supported.
+
+=== OPEN
+*open --type bitlk <device> <name>* +
+bitlkOpen <device> <name> (*old syntax*)
+
+Opens the BITLK (a BitLocker-compatible) <device> and sets up a mapping
+<name>. +
+See *cryptsetup-open*(8).
+
+=== DUMP
+*bitlkDump <device>*
+
+Dump the header information of a BITLK device. +
+See *cryptsetup-bitlkDump*(8).
+
+Please note that cryptsetup does not use any Windows BitLocker code,
+please report all problems related to this compatibility extension to
+the cryptsetup project.
+
+== FVAULT2 (Apple macOS FileVault2 compatible) EXTENSION
+
+cryptsetup supports the mapping of FileVault2 (FileVault2 full-disk
+encryption) by Apple for the macOS operating system using a native Linux
+kernel API.
+
+*NOTE:* cryptsetup supports only FileVault2 based on Core Storage and HFS+
+filesystem (introduced in MacOS X 10.7 Lion).
+It does NOT support the new version of FileVault based on the APFS
+filesystem used in recent macOS versions.
+
+Header formatting and FVAULT2 header changes are not supported;
+cryptsetup never changes the FVAULT2 header on-device.
+
+FVAULT2 extension requires kernel userspace crypto API to be available
+(for details, see TCRYPT section) and kernel driver for HFS+ (hfsplus)
+filesystem.
+
+Cryptsetup should recognize the basic configuration for portable drives.
+
+The *fvault2Dump* command should work for all recognized FVAULT2 devices
+and doesn't require superuser privilege.
+
+For unlocking with the *open*, a password must be provided.
+Other unlocking methods are not supported.
+
+=== OPEN
+*open --type fvault2 <device> <name>* +
+fvault2Open <device> <name> (*old syntax*)
+
+Opens the FVAULT2 (a FileVault2-compatible) <device> (usually the second
+partition on the device) and sets up a mapping <name>. +
+See *cryptsetup-open*(8).
+
+=== DUMP
+*fvault2Dump <device>*
+
+Dump the header information of an FVAULT2 device. +
+See *cryptsetup-fvault2Dump*(8).
+
+Note that cryptsetup does not use any macOS code or proprietary
+specifications. Please report all problems related to this compatibility
+extension to the cryptsetup project.
+
+== MISCELLANEOUS ACTIONS
+
+=== REPAIR
+*repair <device>*
+
+Tries to repair the device metadata if possible. Currently supported
+only for LUKS device type. +
+See *cryptsetup-repair*(8).
+
+=== BENCHMARK
+*benchmark <options>*
+
+Benchmarks ciphers and KDF (key derivation function). +
+See *cryptsetup-benchmark*(8).
+
+== PLAIN DM-CRYPT OR LUKS?
+
+Unless you understand the cryptographic background well, use LUKS. With
+plain dm-crypt there are a number of possible user errors that massively
+decrease security. While LUKS cannot fix them all, it can lessen the
+impact for many of them.
+
+== WARNINGS
+
+A lot of good information on the risks of using encrypted storage, on
+handling problems and on security aspects can be found in the
+Cryptsetup FAQ. Read it. Nonetheless, some risks deserve to be
+mentioned here.
+
+*Backup:* Storage media die. Encryption has no influence on that. Backup
+is mandatory for encrypted data as well, if the data has any worth. See
+the Cryptsetup FAQ for advice on how to do a backup of an encrypted
+volume.
+
+*Character encoding:* If you enter a passphrase with special symbols,
+the passphrase can change depending on character encoding. Keyboard
+settings can also change, which can make blind input hard or impossible.
+For example, switching from some ASCII 8-bit variant to UTF-8 can lead
+to a different binary encoding and hence different passphrase seen by
+cryptsetup, even if what you see on the terminal is exactly the same. It
+is therefore highly recommended to select passphrase characters only
+from 7-bit ASCII, as the encoding for 7-bit ASCII stays the same for all
+ASCII variants and UTF-8.
+
+*LUKS header:* If the header of a LUKS volume gets damaged, all data is
+permanently lost unless you have a header-backup. If a key-slot is
+damaged, it can only be restored from a header-backup or if another
+active key-slot with known passphrase is undamaged. Damaging the LUKS
+header is something people manage to do with surprising frequency. This
+risk is the result of a trade-off between security and safety, as LUKS
+is designed for fast and secure wiping by just overwriting header and
+key-slot area.
+
+*Previously used partitions:* If a partition was previously used, it is
+a very good idea to wipe filesystem signatures, data, etc. before
+creating a LUKS or plain dm-crypt container on it. For a quick removal
+of filesystem signatures, use *wipefs*(8). Take care though that this may
+not remove everything. In particular, MD RAID signatures at the end of a
+device may survive. It also does not remove data. For a full wipe,
+overwrite the whole partition before container creation. If you do not
+know how to do that, the cryptsetup FAQ describes several options.
+
+== EXAMPLES
+
+Example 1: Create LUKS 2 container on block device /dev/sdX.::
+ sudo cryptsetup --type luks2 luksFormat /dev/sdX
+Example 2: Add an additional passphrase to key slot 5.::
+ sudo cryptsetup luksAddKey --key-slot 5 /dev/sdX
+Example 3: Create LUKS header backup and save it to file.::
+ sudo cryptsetup luksHeaderBackup /dev/sdX --header-backup-file
+ /var/tmp/NameOfBackupFile
+Example 4: Open LUKS container on /dev/sdX and map it to sdX_crypt.::
+ sudo cryptsetup open /dev/sdX sdX_crypt
+*WARNING: The command in example 5 will erase all key slots.*::
+ Your cannot use your LUKS container afterward anymore unless you have
+ a backup to restore.
+Example 5: Erase all key slots on /dev/sdX.::
+ sudo cryptsetup erase /dev/sdX
+Example 6: Restore LUKS header from backup file.::
+ sudo cryptsetup luksHeaderRestore /dev/sdX --header-backup-file
+ /var/tmp/NameOfBackupFile
+
+== RETURN CODES
+
+Cryptsetup returns *0* on success and a non-zero value on error.
+
+Error codes are: *1* wrong parameters, *2* no permission (bad passphrase),
+*3* out of memory, *4* wrong device specified, *5* device already exists
+or device is busy.
+
+== NOTES
+
+=== Passphrase processing for PLAIN mode
+
+Note that no iterated hashing or salting is done in plain mode. If
+hashing is done, it is a single direct hash. This means that low-entropy
+passphrases are easy to attack in plain mode.
+
+*From a terminal*: The passphrase is read until the first newline, i.e.
+'\n'. The input without the newline character is processed with the
+default hash or the hash specified with --hash. The hash result will be
+truncated to the key size of the used cipher, or the size specified with
+-s.
+
+*From stdin*: Reading will continue until a newline (or until the
+maximum input size is reached), with the trailing newline stripped. The
+maximum input size is defined by the same compiled-in default as for the
+maximum key file size and can be overwritten using --keyfile-size
+option.
+
+The data read will be hashed with the default hash or the hash specified
+with --hash. The hash result will be truncated to the key size of the
+used cipher, or the size specified with -s.
+
+Note that if --key-file=- is used for reading the key from stdin,
+trailing newlines are not stripped from the input.
+
+If "plain" is used as argument to --hash, the input data will not be
+hashed. Instead, it will be zero padded (if shorter than the key size)
+or truncated (if longer than the key size) and used directly as the
+binary key. This is useful for directly specifying a binary key. No
+warning will be given if the amount of data read from stdin is less than
+the key size.
+
+*From a key file*: It will be truncated to the key size of the used
+cipher or the size given by -s and directly used as a binary key.
+
+*WARNING*: The --hash argument is being ignored. The --hash option is
+usable only for stdin input in plain mode.
+
+If the key file is shorter than the key, cryptsetup will quit with an
+error. The maximum input size is defined by the same compiled-in default
+as for the maximum key file size and can be overwritten using
+--keyfile-size option.
+
+=== Passphrase processing for LUKS
+
+LUKS uses PBKDF to protect against dictionary attacks and to give some
+protection to low-entropy passphrases (see cryptsetup FAQ).
+
+*From a terminal*: The passphrase is read until the first newline and
+then processed by PBKDF2 without the newline character.
+
+*From stdin*: LUKS will read passphrases from stdin up to the first
+newline character or the compiled-in maximum key file length. If
+--keyfile-size is given, it is ignored.
+
+*From key file*: The complete keyfile is read up to the compiled-in
+maximum size. Newline characters do not terminate the input. The
+--keyfile-size option can be used to limit what is read.
+
+*Passphrase processing*: Whenever a passphrase is added to a LUKS header
+(luksAddKey, luksFormat), the user may specify how much the time the
+passphrase processing should consume. The time is used to determine the
+iteration count for PBKDF2 and higher times will offer better protection
+for low-entropy passphrases, but open will take longer to complete. For
+passphrases that have entropy higher than the used key length, higher
+iteration times will not increase security.
+
+The default setting of one or two seconds is sufficient for most
+practical cases. The only exception is a low-entropy passphrase used on
+a device with a slow CPU, as this will result in a low iteration count.
+On a slow device, it may be advisable to increase the iteration time
+using the --iter-time option in order to obtain a higher iteration
+count. This does slow down all later luksOpen operations accordingly.
+
+=== Incoherent behavior for invalid passphrases/keys
+
+LUKS checks for a valid passphrase when an encrypted partition is
+unlocked. The behavior of plain dm-crypt is different. It will always
+decrypt with the passphrase given. If the given passphrase is wrong, the
+device mapped by plain dm-crypt will essentially still contain encrypted
+data and will be unreadable.
+
+=== Supported ciphers, modes, hashes and key sizes
+
+The available combinations of ciphers, modes, hashes and key sizes
+depend on kernel support. See /proc/crypto for a list of available
+options. You might need to load additional kernel crypto modules in
+order to get more options.
+
+For the --hash option, if the crypto backend is libgcrypt, then all
+algorithms supported by the gcrypt library are available. For other
+crypto backends, some algorithms may be missing.
+
+=== Notes on passphrases
+
+Mathematics can't be bribed. Make sure you keep your passphrases safe.
+There are a few nice tricks for constructing a fallback, when suddenly
+out of the blue, your brain refuses to cooperate. These fallbacks need
+LUKS, as it's only possible with LUKS to have multiple passphrases.
+Still, if your attacker model does not prevent it, storing your
+passphrase in a sealed envelope somewhere may be a good idea as well.
+
+=== Notes on Random Number Generators
+
+Random Number Generators (RNG) used in cryptsetup are always the kernel
+RNGs without any modifications or additions to data stream produced.
+
+There are two types of randomness cryptsetup/LUKS needs. One type (which
+always uses /dev/urandom) is used for salts, the AF splitter and for
+wiping deleted keyslots.
+
+The second type is used for the volume key. You can switch between using
+/dev/random and /dev/urandom here, see *--use-random* and
+*--use-urandom* options. Using /dev/random on a system without enough
+entropy sources can cause *luksFormat* to block until the requested
+amount of random data is gathered. In a low-entropy situation (embedded
+system), this can take a very long time and potentially forever. At the
+same time, using /dev/urandom in a low-entropy situation will produce
+low-quality keys. This is a serious problem, but solving it is out of
+scope for a mere man-page. See *urandom(4)* for more information.
+
+=== Authenticated disk encryption (EXPERIMENTAL)
+
+Since Linux kernel version 4.12 dm-crypt supports authenticated disk
+encryption.
+
+Normal disk encryption modes are length-preserving (plaintext sector is
+of the same size as a ciphertext sector) and can provide only
+confidentiality protection, but not cryptographically sound data
+integrity protection.
+
+Authenticated modes require additional space per-sector for
+authentication tag and use Authenticated Encryption with Additional Data
+(AEAD) algorithms.
+
+If you configure LUKS2 device with data integrity protection, there will
+be an underlying dm-integrity device, which provides additional
+per-sector metadata space and also provide data journal protection to
+ensure atomicity of data and metadata update. Because there must be
+additional space for metadata and journal, the available space for the
+device will be smaller than for length-preserving modes.
+
+The dm-crypt device then resides on top of such a dm-integrity device.
+All activation and deactivation of this device stack is performed by
+cryptsetup, there is no difference in using *luksOpen* for integrity
+protected devices. If you want to format LUKS2 device with data
+integrity protection, use *--integrity* option.
+
+Since dm-integrity doesn't support discards (TRIM), dm-crypt device on
+top of it inherits this, so integrity protection mode doesn't support
+discards either.
+
+Some integrity modes requires two independent keys (key for encryption
+and for authentication). Both these keys are stored in one LUKS keyslot.
+
+*WARNING:* All support for authenticated modes is experimental and there
+are only some modes available for now. Note that there are a very few
+authenticated encryption algorithms that are suitable for disk
+encryption. You also cannot use CRC32 or any other non-cryptographic
+checksums (other than the special integrity mode "none"). If for some
+reason you want to have integrity control without using authentication
+mode, then you should separately configure dm-integrity independently of
+LUKS2.
+
+=== Notes on loopback device use
+
+Cryptsetup is usually used directly on a block device (disk partition or
+LVM volume). However, if the device argument is a file, cryptsetup tries
+to allocate a loopback device and map it into this file. This mode
+requires Linux kernel 2.6.25 or more recent which supports the loop
+autoclear flag (loop device is cleared on the last close automatically).
+Of course, you can always map a file to a loop-device manually. See the
+cryptsetup FAQ for an example.
+
+When device mapping is active, you can see the loop backing file in the
+status command output. Also see losetup(8).
+
+=== LUKS2 header locking
+
+The LUKS2 on-disk metadata is updated in several steps and to achieve
+proper atomic update, there is a locking mechanism. For an image in
+file, code uses *flock(2)* system call. For a block device, lock is
+performed over a special file stored in a locking directory (by default
+*/run/cryptsetup*). The locking directory should be created with the
+proper security context by the distribution during the boot-up phase.
+Only LUKS2 uses locks, other formats do not use this mechanism.
+
+=== LUKS on-disk format specification
+
+For LUKS on-disk metadata specification see
+https://gitlab.com/cryptsetup/cryptsetup/wikis/Specification[*LUKS1*] and
+https://gitlab.com/cryptsetup/LUKS2-docs[*LUKS2*].
+
+== AUTHORS
+
+Cryptsetup is originally written by mailto:jana@saout.de[Jana Saout]. +
+The LUKS extensions and original man page were written by
+mailto:clemens@endorphin.org[Clemens Fruhwirth]. +
+Man page extensions by mailto:gmazyland@gmail.com[Milan Broz]. +
+Man page rewrite and extension by mailto:arno@wagner.name[Arno Wagner].
+
+include::man/common_footer.adoc[]
diff --git a/man/integritysetup.8.adoc b/man/integritysetup.8.adoc
new file mode 100644
index 0000000..2aec1a6
--- /dev/null
+++ b/man/integritysetup.8.adoc
@@ -0,0 +1,334 @@
+= integritysetup(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: integritysetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+
+== NAME
+
+integritysetup - manage dm-integrity (block level integrity) volumes
+
+== SYNOPSIS
+
+*integritysetup <action> [<options>] <action args>*
+
+== DESCRIPTION
+
+Integritysetup is used to configure dm-integrity managed device-mapper
+mappings.
+
+Device-mapper integrity target provides read-write transparent integrity
+checking of block devices. The dm-integrity target emulates an additional
+data integrity field per-sector. You can use this additional field
+directly with integritysetup utility, or indirectly (for authenticated
+encryption) through cryptsetup.
+
+== BASIC ACTIONS
+
+Integritysetup supports these operations:
+
+=== FORMAT
+*format <device>*
+
+Formats <device> (calculates space and dm-integrity superblock and wipes
+the device).
+
+*<options>* can be [--data-device, --batch-mode, --no-wipe,
+--journal-size, --interleave-sectors, --tag-size, --integrity,
+--integrity-key-size, --integrity-key-file, --sector-size,
+--progress-frequency, --progress-json].
+
+=== OPEN
+*open <device> <name>* +
+create <name> <device> (*OBSOLETE syntax*)
+
+Open a mapping with <name> backed by device <device>.
+
+*<options>* can be [--data-device, --batch-mode, --journal-watermark,
+--journal-commit-time, --buffer-sectors, --integrity,
+--integrity-key-size, --integrity-key-file, --integrity-no-journal,
+--integrity-recalculate,
+--integrity-recalculate-reset,--integrity-recovery-mode,
+--allow-discards].
+
+=== CLOSE
+*close <name>* +
+remove <name> (*OBSOLETE syntax*)
+
+Removes existing mapping <name>.
+
+*<options>* can be [--deferred] or [--cancel-deferred]
+
+=== STATUS
+*status <name>*
+
+Reports status for the active integrity mapping <name>.
+
+=== DUMP
+*dump <device>*
+
+Reports parameters from on-disk stored superblock.
+
+=== RESIZE
+*resize <name>*
+
+Resizes an active mapping <name>.
+
+If --size (in 512-bytes sectors) or --device-size are not specified, the
+size is computed from the underlying device. After resize, the
+*recalculating* flag is set. If --wipe flag is set and the size of the
+device is increased, the newly added section will be wiped.
+
+Increasing the size of integrity volumes is available since the Linux
+kernel version 5.7, shrinking should work on older kernels too.
+
+*<options>* can be [--size, --device-size, --wipe].
+
+== OPTIONS
+*--progress-frequency <seconds>*::
+Print separate line every <seconds> with wipe progress.
+
+*--progress-json*::
+Prints wipe progress data in json format suitable mostly for machine
+processing. It prints separate line every half second (or based on
+--progress-frequency value). The JSON output looks as follows during
+wipe progress (except it's compact single line):
++
+....
+{
+ "device":"/dev/sda" // backing device or file
+ "device_bytes":"8192", // bytes wiped so far
+ "device_size":"44040192", // total bytes to wipe
+ "speed":"126877696", // calculated speed in bytes per second (based on progress so far)
+ "eta_ms":"2520012" // estimated time to finish wipe in milliseconds
+ "time_ms":"5561235" // total time spent wiping device in milliseconds
+}
+....
++
+Note on numbers in JSON output: Due to JSON parsers limitations all
+numbers are represented in a string format due to need of full 64bit
+unsigned integers.
+
+*--no-wipe*::
+Do not wipe the device after format. A device that is not initially
+wiped will contain invalid checksums.
+
+*--wipe*::
+Wipe the newly allocated area after resize to bigger size. If this
+flag is not set, checksums will be calculated for the data previously
+stored in the newly allocated area.
+
+*--journal-size, -j BYTES*::
+Size of the journal.
+
+*--interleave-sectors SECTORS*::
+The number of interleaved sectors.
+
+*--integrity-recalculate*::
+Automatically recalculate integrity tags in kernel on activation. The
+device can be used during automatic integrity recalculation but
+becomes fully integrity protected only after the background operation
+is finished. This option is available since the Linux kernel version
+4.19.
+
+*--integrity-recalculate-reset*::
+Restart recalculation from the beginning of the device. It can be used
+to change the integrity checksum function. Note it does not change the
+tag length. This option is available since the Linux kernel version
+5.13.
+
+*--journal-watermark PERCENT*::
+Journal watermark in percents. When the size of the journal exceeds
+this watermark, the journal flush will be started.
+
+*--journal-commit-time MS*::
+Commit time in milliseconds. When this time passes (and no explicit
+flush operation was issued), the journal is written.
+
+*--tag-size, -t BYTES*::
+Size of the integrity tag per-sector (here the integrity function will
+store authentication tag).
++
+*NOTE:* The size can be smaller that output size of the hash function,
+in that case only part of the hash will be stored.
+
+*--data-device <data_device>*::
+Specify a separate data device that contains existing data. The
+<device> then will contain calculated integrity tags and journal for
+data on <data_device>.
++
+*NOTE:* To not wipe the data device after initial format, also specify
+--no-wipe option and activate with --integrity-recalculate to
+automatically recalculate integrity tags.
+
+*--sector-size, -s BYTES*::
+Sector size (power of two: 512, 1024, 2048, 4096).
+
+*--buffer-sectors SECTORS*::
+The number of sectors in one buffer.
++
+The tag area is accessed using buffers, the large buffer size means that
+the I/O size will be larger, but there could be less I/Os issued.
+
+*--integrity, -I ALGORITHM*::
+Use internal integrity calculation (standalone mode). The integrity
+algorithm can be CRC (crc32c/crc32), non-cryptographic hash function
+(xxhash64) or hash function (sha1, sha256).
++
+For HMAC (hmac-sha256) you have also to specify an integrity key and its
+size.
+
+*--integrity-key-size BYTES*::
+The size of the data integrity key. Maximum is 4096 bytes.
+
+*--integrity-key-file FILE*::
+The file with the integrity key.
+
+*--integrity-no-journal, -D*::
+Disable journal for integrity device.
+
+*--integrity-bitmap-mode. -B*::
+Use alternate bitmap mode (available since Linux kernel 5.2) where
+dm-integrity uses bitmap instead of a journal. If a bit in the bitmap
+is 1, the corresponding region's data and integrity tags are not
+synchronized - if the machine crashes, the unsynchronized regions will
+be recalculated. The bitmap mode is faster than the journal mode,
+because we don't have to write the data twice, but it is also less
+reliable, because if data corruption happens when the machine crashes,
+it may not be detected.
+
+*--bitmap-sectors-per-bit SECTORS*::
+Number of 512-byte sectors per bitmap bit, the value must be power of
+two.
+
+*--bitmap-flush-time MS*::
+Bitmap flush time in milliseconds.
++
+*WARNING:*::
+In case of a crash, it is possible that the data and integrity tag
+doesn't match if the journal is disabled.
+
+*--integrity-recovery-mode. -R*::
+Recovery mode (no journal, no tag checking).
+
+*NOTE:* The following options are intended for testing purposes only.:
+Using journal encryption does not make sense without encryption the
+data, these options are internally used in authenticated disk
+encryption with *cryptsetup(8)*.
+
+*--journal-integrity ALGORITHM*::
+Integrity algorithm for journal area. See --integrity option for
+detailed specification.
+
+*--journal-integrity-key-size BYTES*::
+The size of the journal integrity key. Maximum is 4096 bytes.
+
+*--journal-integrity-key-file FILE*::
+The file with the integrity key.
+
+*--journal-crypt ALGORITHM*::
+Encryption algorithm for journal data area. You can use a block cipher
+here such as cbc-aes or a stream cipher, for example, chacha20 or
+ctr-aes.
+
+*--journal-crypt-key-size BYTES*::
+The size of the journal encryption key. Maximum is 4096 bytes.
+
+*--journal-crypt-key-file FILE*::
+The file with the journal encryption key.
+
+*--allow-discards*::
+Allow the use of discard (TRIM) requests for the device. This option
+is available since the Linux kernel version 5.7.
+
+*--deferred*::
+Defers device removal in *close* command until the last user closes
+it.
+
+*--cancel-deferred*::
+Removes a previously configured deferred device removal in *close*
+command.
+
+*--verbose, -v*::
+Print more information on command execution.
+
+*--debug*::
+Run in debug mode with full diagnostic logs. Debug output lines are
+always prefixed by *#*.
+
+*--version, -V*::
+Show the program version.
+
+*--batch-mode, -q*::
+Do not ask for confirmation.
+
+*--usage*::
+Show short option help.
+
+*--help, -?*::
+Show help text and default parameters.
+
+== LEGACY COMPATIBILITY OPTIONS
+
+*WARNING:*::
+Do not use these options until you need compatibility with specific
+old kernel.
+
+*--integrity-legacy-padding*::
+Use inefficient legacy padding.
+
+*--integrity-legacy-hmac*::
+Use old flawed HMAC calculation (also does not protect superblock).
+
+*--integrity-legacy-recalculate*::
+Allow insecure recalculating of volumes with HMAC keys (recalculation
+offset in superblock is not protected).
+
+== RETURN CODES
+
+Integritysetup returns *0* on success and a non-zero value on error.
+
+Error codes are: *1* wrong parameters, *2* no permission, *3* out of memory,
+*4* wrong device specified, *5* device already exists or device is busy.
+
+== NOTES
+The dm-integrity target is available since Linux kernel version 4.12.
+
+Format and activation of an integrity device always require superuser
+privilege because the superblock is calculated and handled in
+dm-integrity kernel target.
+
+== EXAMPLES
+
+Format the device with default standalone mode (CRC32C):
+
+*integritysetup format <device>*
+
+Open the device with default parameters:
+
+*integritysetup open <device> test*
+
+Format the device in standalone mode for use with HMAC(SHA256):
+
+*integritysetup format <device> --tag-size 32 --integrity hmac-sha256
+--integrity-key-file <keyfile> --integrity-key-size <key_bytes>*
+
+Open (activate) the device with HMAC(SHA256) and HMAC key in file:
+
+*integritysetup open <device> test --integrity hmac-sha256
+--integrity-key-file <keyfile> --integrity-key-size <key_bytes>*
+
+Dump dm-integrity superblock information:
+
+*integritysetup dump <device>*
+
+== DM-INTEGRITY ON-DISK FORMAT
+
+The on-disk format specification available at
+https://gitlab.com/cryptsetup/cryptsetup/wikis/DMIntegrity[*DMIntegrity*] page.
+
+== AUTHORS
+
+The integritysetup tool is written by mailto:gmazyland@gmail.com[Milan Broz].
+
+include::man/common_footer.adoc[]
diff --git a/man/veritysetup.8.adoc b/man/veritysetup.8.adoc
new file mode 100644
index 0000000..36d1501
--- /dev/null
+++ b/man/veritysetup.8.adoc
@@ -0,0 +1,311 @@
+= veritysetup(8)
+:doctype: manpage
+:manmanual: Maintenance Commands
+:mansource: veritysetup {release-version}
+:man-linkstyle: pass:[blue R < >]
+
+== NAME
+
+veritysetup - manage dm-verity (block level verification) volumes
+
+== SYNOPSIS
+
+*veritysetup <action> [<options>] <action args>*
+
+== DESCRIPTION
+
+Veritysetup is used to configure dm-verity managed device-mapper
+mappings.
+
+Device-mapper verity target provides read-only transparent integrity
+checking of block devices using kernel crypto API.
+
+The dm-verity devices are always read-only.
+
+== BASIC ACTIONS
+
+Veritysetup supports these operations:
+
+=== FORMAT
+*format <data_device> <hash_device>*
+
+Calculates and permanently stores hash verification data for
+data_device. Hash area can be located on the same device after data if
+specified by --hash-offset option.
+
+Note you need to provide root hash string for device verification or
+activation. Root hash must be trusted.
+
+The data or hash device argument can be block device or file image. If
+hash device path doesn't exist, it will be created as file.
+
+*<options>* can be [--hash, --no-superblock, --format,
+--data-block-size, --hash-block-size, --data-blocks, --hash-offset,
+--salt, --uuid, --root-hash-file].
+
+If option --root-hash-file is used, the root hash is stored in
+hex-encoded text format in <path>.
+
+=== OPEN
+*open <data_device> <name> <hash_device> <root_hash>* +
+*open <data_device> <name> <hash_device> --root-hash-file <path>* +
+create <name> <data_device> <hash_device> <root_hash> (*OBSOLETE syntax*)
+
+Creates a mapping with <name> backed by device <data_device> and using
+<hash_device> for in-kernel verification.
+
+The <root_hash> is a hexadecimal string.
+
+*<options>* can be [--hash-offset, --no-superblock, --ignore-corruption
+or --restart-on-corruption, --panic-on-corruption, --ignore-zero-blocks,
+--check-at-most-once, --root-hash-signature, --root-hash-file, --use-tasklets].
+
+If option --root-hash-file is used, the root hash is read from <path>
+instead of from the command line parameter. Expects hex-encoded text,
+without terminating newline.
+
+If option --no-superblock is used, you have to use as the same options
+as in initial format operation.
+
+=== VERIFY
+*verify <data_device> <hash_device> <root_hash>* +
+*verify <data_device> <hash_device> --root-hash-file <path>*
+
+Verifies data on data_device with use of hash blocks stored on
+hash_device.
+
+This command performs userspace verification, no kernel device is
+created.
+
+The <root_hash> is a hexadecimal string.
+
+If option --root-hash-file is used, the root hash is read from <path>
+instead of from the command line parameter. Expects hex-encoded text,
+without terminating newline.
+
+*<options>* can be [--hash-offset, --no-superblock, --root-hash-file].
+
+If option --no-superblock is used, you have to use as the same options
+as in initial format operation.
+
+=== CLOSE
+*close <name>* +
+remove <name> (*OBSOLETE syntax*)
+
+Removes existing mapping <name>.
+
+*<options>* can be [--deferred] or [--cancel-deferred].
+
+=== STATUS
+*status <name>*
+
+Reports status for the active verity mapping <name>.
+
+=== DUMP
+*dump <hash_device>*
+
+Reports parameters of verity device from on-disk stored superblock.
+
+*<options>* can be [--hash-offset].
+
+== OPTIONS
+
+*--no-superblock*::
+Create or use dm-verity without permanent on-disk superblock.
+
+*--format=number*::
+Specifies the hash version type. Format type 0 is original Chrome OS
+version. Format type 1 is current version.
+
+*--data-block-size=bytes*::
+Used block size for the data device. (Note kernel supports only
+page-size as maximum here.)
+
+*--hash-block-size=bytes*::
+Used block size for the hash device. (Note kernel supports only
+page-size as maximum here.)
+
+*--data-blocks=blocks*::
+Size of data device used in verification. If not specified, the whole
+device is used.
+
+*--hash-offset=bytes*::
+Offset of hash area/superblock on hash_device. Value must be aligned
+to disk sector offset.
+
+*--salt=hex string*::
+Salt used for format or verification. Format is a hexadecimal string.
+
+*--uuid=UUID*::
+Use the provided UUID for format command instead of generating new
+one.
++
+The UUID must be provided in standard UUID format, e.g.
+12345678-1234-1234-1234-123456789abc.
+*--ignore-corruption , --restart-on-corruption ,
+--panic-on-corruption*::
+Defines what to do if data integrity problem is detected (data
+corruption).
++
+Without these options kernel fails the IO operation with I/O error. With
+--ignore-corruption option the corruption is only logged. With
+--restart-on-corruption or --panic-on-corruption the kernel is restarted
+(panicked) immediately. (You have to provide way how to avoid restart
+loops.)
++
+*WARNING:* Use these options only for very specific cases. These options
+are available since Linux kernel version 4.1.
+
+*--ignore-zero-blocks*::
+Instruct kernel to not verify blocks that are expected to contain
+zeroes and always directly return zeroes instead.
++
+*WARNING:* Use this option only in very specific cases. This option is
+available since Linux kernel version 4.5.
+
+*--check-at-most-once*::
+Instruct kernel to verify blocks only the first time they are read
+from the data device, rather than every time.
++
+*WARNING:* It provides a reduced level of security because only offline
+tampering of the data device's content will be detected, not online
+tampering. This option is available since Linux kernel version 4.17.
+
+*--hash=hash*::
+Hash algorithm for dm-verity. For default see --help option.
+
+*--fec-device=fec_device*::
+Use forward error correction (FEC) to recover from corruption if hash
+verification fails. Use encoding data from the specified device.
++
+The fec device argument can be block device or file image. For format,
+if fec device path doesn't exist, it will be created as file.
++
+Block sizes for data and hash devices must match. Also, if the verity
+data_device is encrypted the fec_device should be too.
++
+FEC calculation covers data, hash area, and optional foreign metadata
+stored on the same device with the hash tree (additional space after
+hash area). Size of this optional additional area protected by FEC is
+calculated from image sizes, so you must be sure that you use the same
+images for activation.
++
+If the hash device is in a separate image, metadata covers the whole
+rest of the image after the hash area.
++
+If hash and FEC device is in the image, metadata ends on the FEC area
+offset.
+
+*--fec-offset=bytes*::
+This is the offset, in bytes, from the start of the FEC device to the
+beginning of the encoding data.
+
+*--fec-roots=num*::
+Number of generator roots. This equals to the number of parity bytes
+in the encoding data. In RS(M, N) encoding, the number of roots is
+M-N. M is 255 and M-N is between 2 and 24 (including).
+
+*--root-hash-file=FILE*::
+Path to file with stored root hash in hex-encoded text.
+
+*--root-hash-signature=FILE*::
+Path to root hash signature file used to verify the root hash (in
+kernel). This feature requires Linux kernel version 5.4 or more
+recent.
+
+*--use-tasklets*::
+Try to use kernel tasklets in dm-verity driver for performance reasons.
+This option is available since Linux kernel version 6.0.
+
+*--deferred*::
+Defers device removal in *close* command until the last user closes
+it.
+
+*--cancel-deferred*::
+Removes a previously configured deferred device removal in *close*
+command.
+
+*--verbose, -v*::
+Print more information on command execution.
+
+*--debug*::
+Run in debug mode with full diagnostic logs. Debug output lines are
+always prefixed by *#*.
+
+*--version, -V*::
+Show the program version.
+
+*--batch-mode, -q*::
+Do not ask for confirmation.
+
+*--usage*::
+Show short option help.
+
+*--help, -?*::
+Show help text and default parameters.
+
+== RETURN CODES
+
+Veritysetup returns *0* on success and a non-zero value on error.
+
+Error codes are: *1* wrong parameters, *2* no permission, *3* out of memory,
+*4* wrong device specified, *5* device already exists or device is busy.
+
+== EXAMPLES
+
+*veritysetup --data-blocks=256 format <data_device> <hash_device>*
+
+Calculates and stores verification data on hash_device for the first 256
+blocks (of block-size). If hash_device does not exist, it is created (as
+file image).
+
+*veritysetup format --root-hash-file <path> <data_device> <hash_device>*
+
+Calculates and stores verification data on hash_device for the whole
+data_device, and store the root hash as hex-encoded text in <path>.
+
+*veritysetup --data-blocks=256 --hash-offset=1052672 format <device>
+<device>*
+
+Verification data (hashes) is stored on the same device as data
+(starting at hash-offset). Hash-offset must be greater than number of
+blocks in data-area.
+
+*veritysetup --data-blocks=256 --hash-offset=1052672 create test-device
+<device> <device> <root_hash>*
+
+Activates the verity device named test-device. Options --data-blocks and
+--hash-offset are the same as in the format command. The <root_hash> was
+calculated in format command.
+
+*veritysetup --data-blocks=256 --hash-offset=1052672 verify
+<data_device> <hash_device> <root_hash>*
+
+Verifies device without activation (in userspace).
+
+*veritysetup --data-blocks=256 --hash-offset=1052672 --root-hash-file
+<path> verify <data_device> <hash_device>*
+
+Verifies device without activation (in userspace). Root hash passed via
+a file rather than inline.
+
+*veritysetup --fec-device=<fec_device> --fec-roots=10 format
+<data_device> <hash_device>*
+
+Calculates and stores verification and encoding data for data_device.
+
+== DM-VERITY ON-DISK SPECIFICATION
+
+The on-disk format specification is available at
+https://gitlab.com/cryptsetup/cryptsetup/wikis/DMVerity[*DMVerity*] page.
+
+== AUTHORS
+
+The first implementation of veritysetup was written by Chrome OS
+authors.
+
+This version is based on verification code written by
+mailto:mpatocka@redhat.com[Mikulas Patocka] and rewritten for libcryptsetup
+by mailto:gmazyland@gmail.com[Milan Broz].
+
+include::man/common_footer.adoc[]