From 703902400df2eced5374ab396ff5199f29a5db96 Mon Sep 17 00:00:00 2001 From: Klaus Zipfel <30482165+systemofapwne@users.noreply.github.com> Date: Sat, 6 May 2023 22:55:05 +0200 Subject: crypttab: Support for VeraCrypt PIM and detached headers for TrueCrypt/VeraCrypt (#27548) * Added veracrypt-pim= LUKS option for crypttab --- man/crypttab.xml | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) (limited to 'man') diff --git a/man/crypttab.xml b/man/crypttab.xml index d587f85289..f977fd694d 100644 --- a/man/crypttab.xml +++ b/man/crypttab.xml @@ -172,12 +172,11 @@ - Use a detached (separated) metadata device or - file where the LUKS header is stored. This option is only - relevant for LUKS devices. See + Use a detached (separated) metadata device or file + where the header containing the master key(s) is stored. This + option is only relevant for LUKS and TrueCrypt/VeraCrypt devices. See cryptsetup8 - for possible values and the default value of this - option. + for possible values and the default value of this option. Optionally, the path may be followed by : and an /etc/fstab device specification (e.g. starting with UUID= or @@ -483,6 +482,25 @@ option implies . + + + + Specifies a custom Personal Iteration Multiplier (PIM) + value, which can range from 0..2147468 for standard veracrypt volumes + and 0..65535 for veracrypt system volumes. A value of 0 will imply the + VeraCrypt default. + + This option is only effective when is + set. + + Note that VeraCrypt enforces a minimal allowed PIM value depending on the + password strength and the hash algorithm used for key derivation, however + is not checked against these bounds. + See + documentation for more information. + + + -- cgit v1.2.1