blob: 2df4fcad3bb766de6a2002a5643d15000ddf59a1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
nvme-check-tls-key(1)
========================
NAME
----
nvme-check-tls-key - Check a generated NVMe TLS PSK
SYNOPSIS
--------
[verse]
'nvme check-tls-key' [--keyring=<name> | -k <name>]
[--keytype=<type> | -t <type>]
[--hostnqn=<nqn> | -n <nqn>]
[--subsysnqn=<nqn> | -c <nqn>]
[--keydata=<key> | -d <key>]
[--output-format=<fmt> | -o <fmt>]
[--identity=<id-vers> | -I <id-vers>]
[--insert | -i ]
[--verbose | -v]
DESCRIPTION
-----------
Checks if the key is a valid NVMe TLS PSK in the PSK interchange format
'NVMeTLSkey-1:01:<base64-encoded data>:'. If '--insert' is specified the
the derived 'retained' TLS key is stored in the keyring, otherwise the
TLS identity of the key is printed out.
OPTIONS
-------
-k <name>::
--keyring=<name>::
Name of the keyring into which the 'retained' TLS key should be
stored. Default is '.nvme'.
-t <type>::
--keytype=<type>::
Type of the key for resulting TLS key.
Default is 'psk'.
-n <nqn>::
--hostnqn=<nqn>::
Host NVMe Qualified Name (NQN) to be used to derive the
'retained' TLS key
-c <nqn>::
--subsysnqn=<nqn>::
Subsystem NVMe Qualified Name (NQN) to be used to derive the
'retained' TLS key
-d <key>::
--keydata=<key>::
Key to be checked.
-I <id-vers>::
--identity=<id-vers>::
NVMe TLS key identity version to be used; '0' for the default
identity, and '1' for the TLS identity suffixed by the PSK hash
as specified in TP8018.
-i:
--insert:
Insert the derived 'retained' key in the keyring.
-o <fmt>::
--output-format=<fmt>::
Set the reporting format to 'normal', 'json' or 'binary'. Only one
output format can be used at a time.
-v::
--verbose::
Increase the information detail in the output.
EXAMPLES
--------
No Examples
NVME
----
Part of the nvme-user suite
|
