# SOME DESCRIPTIVE TITLE # Copyright (C) YEAR Free Software Foundation, Inc. # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "POT-Creation-Date: 2023-06-27 19:54+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. type: TH #: debian-bookworm #, no-wrap msgid "SYSTEMD-BOOT-SYSTEM-TOKEN\\&.SERVICE" msgstr "" #. type: TH #: debian-bookworm #, no-wrap msgid "systemd 252" msgstr "" #. type: TH #: debian-bookworm #, no-wrap msgid "systemd-boot-system-token.service" msgstr "" #. ----------------------------------------------------------------- #. * MAIN CONTENT STARTS HERE * #. ----------------------------------------------------------------- #. type: SH #: debian-bookworm #, no-wrap msgid "NAME" msgstr "" #. type: Plain text #: debian-bookworm msgid "" "systemd-boot-system-token.service - Generate an initial boot loader system " "token and random seed" msgstr "" #. type: SH #: debian-bookworm #, no-wrap msgid "SYNOPSIS" msgstr "" #. type: Plain text #: debian-bookworm msgid "systemd-boot-system-token\\&.service" msgstr "" #. type: SH #: debian-bookworm #, no-wrap msgid "DESCRIPTION" msgstr "" #. type: Plain text #: debian-bookworm msgid "" "systemd-boot-system-token\\&.service is a system service that automatically " "generates a \\*(Aqsystem token\\*(Aq to store in an EFI variable in the " "system\\*(Aqs NVRAM and a random seed to store on the EFI System Partition " "ESP on disk\\&. The boot loader may then combine these two randomized data " "fields by cryptographic hashing, and pass it to the OS it boots as " "initialization seed for its entropy pool\\&. The random seed stored in the " "ESP is refreshed on each reboot ensuring that multiple subsequent boots will " "boot with different seeds\\&. The \\*(Aqsystem token\\*(Aq is generated " "randomly once, and then persistently stored in the system\\*(Aqs EFI " "variable storage\\&." msgstr "" #. type: Plain text #: debian-bookworm msgid "" "The systemd-boot-system-token\\&.service unit invokes the B command, which updates the random seed in the ESP, and initializes the " "\\*(Aqsystem token\\*(Aq if it\\*(Aqs not initialized yet\\&. The service is " "conditionalized so that it is run only when all of the below apply:" msgstr "" #. type: Plain text #: debian-bookworm msgid "" "A boot loader is used that implements the \\m[blue]B\\m[]\\&\\s-2\\u[1]\\d\\s+2 (which defines the \\*(Aqsystem " "token\\*(Aq concept)\\&." msgstr "" #. type: Plain text #: debian-bookworm msgid "" "Either a \\*(Aqsystem token\\*(Aq was not set yet, or the boot loader has " "not passed the OS a random seed yet (and thus most likely has been missing " "the random seed file in the ESP)\\&." msgstr "" #. type: Plain text #: debian-bookworm msgid "" "The system is not running in a VM environment\\&. This case is explicitly " "excluded since on VM environments the ESP backing storage and EFI variable " "storage is typically not physically separated and hence booting the same OS " "image in multiple instances would replicate both, thus reusing the same " "random seed and \\*(Aqsystem token\\*(Aq among all instances, which defeats " "its purpose\\&. Note that it\\*(Aqs still possible to use boot loader random " "seed provisioning in this mode, but the automatic logic implemented by this " "service has no effect then, and the user instead has to manually invoke the " "B acknowledging these restrictions\\&." msgstr "" #. type: Plain text #: debian-bookworm msgid "" "For further details see B(1), regarding the command this service " "invokes\\&." msgstr "" #. type: SH #: debian-bookworm #, no-wrap msgid "SEE ALSO" msgstr "" #. type: Plain text #: debian-bookworm msgid "B(1), B(1), B(7)" msgstr "" #. type: SH #: debian-bookworm #, no-wrap msgid "NOTES" msgstr "" #. type: IP #: debian-bookworm #, no-wrap msgid " 1." msgstr "" #. type: Plain text #: debian-bookworm msgid "Boot Loader Interface" msgstr "" #. type: Plain text #: debian-bookworm msgid "\\%https://systemd.io/BOOT_LOADER_INTERFACE" msgstr ""