From: Amadeusz Żołnowski <aidecoe@aidecoe.name>
Date: Tue, 31 Jul 2012 10:23:18 +0000 (+0200)
Subject: dracut.cmdline.7: add NOTE about how dracut pipes key to cryptsetup
X-Git-Tag: 023~16
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=173edca09e9e59e762abf8723789e04dd31e87df;p=thirdparty%2Fdracut.git

dracut.cmdline.7: add NOTE about how dracut pipes key to cryptsetup
---

diff --git a/dracut.cmdline.7.asc b/dracut.cmdline.7.asc
index 0b1b8a222..884b22390 100644
--- a/dracut.cmdline.7.asc
+++ b/dracut.cmdline.7.asc
@@ -233,6 +233,29 @@ rd.luks.key=/foo/bar.key
 ----
 +
 As you see, you can skip colons in such a case.
++
+[NOTE]
+===============================
+Dracut pipes key to cryptsetup with _-d -_ argument, therefore you need to pipe
+to crypsetup luksFormat with _-d -_, too!
+
+Here follows example for key encrypted with GPG:
+
+----
+gpg --quiet --decrypt rootkey.gpg \
+| cryptsetup -d - -v \
+--cipher serpent-cbc-essiv:sha256 \
+--key-size 256 luksFormat /dev/sda3
+----
+
+If you use plain keys, just add path to _-d_ option:
+
+----
+cryptsetup -d rootkey.key -v \
+--cipher serpent-cbc-essiv:sha256 \
+--key-size 256 luksFormat /dev/sda3
+----
+===============================
 
 MD RAID
 ~~~~~~~