Adding upstream version 2.10.
Signed-off-by: Daniel Baumann <daniel@debian.org>
This commit is contained in:
parent
1e65f355a3
commit
24ce361c7c
GPG key ID:
FBB4F0E80A80222F
530 changed files with 12276 additions and 4877 deletions
|
|
@ -1,5 +1,5 @@
|
|||
nvme-tls-key(1)
|
||||
======================
|
||||
===============
|
||||
|
||||
NAME
|
||||
----
|
||||
|
|
@ -12,13 +12,14 @@ SYNOPSIS
|
|||
[--keytype=<type> | -t <type>]
|
||||
[--keyfile=<file> | -f <file>]
|
||||
[--import | -i] [--export | -e]
|
||||
[--revoke=<description>| -r <description>]
|
||||
[--verbose | -v]
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Import or export NVMe TLS pre-shared keys (PSKs) from the
|
||||
system keystore. When the '--export' option is given, all
|
||||
NVMe TLS PSKs are exported in the form
|
||||
Import, export or remove NVMe TLS pre-shared keys (PSKs) from the system
|
||||
keystore. When the '--export' option is given, all NVMe TLS PSKs are
|
||||
exported in the form
|
||||
|
||||
<descriptions> <psk>
|
||||
|
||||
|
|
@ -41,7 +42,7 @@ OPTIONS
|
|||
Type of the key for resulting TLS key.
|
||||
Default is 'psk'.
|
||||
|
||||
-k <file>::
|
||||
-f <file>::
|
||||
--keyfile=<file>::
|
||||
File to read the keys from or write the keys to instead of
|
||||
stdin / stdout.
|
||||
|
|
@ -54,7 +55,11 @@ OPTIONS
|
|||
-e::
|
||||
--export::
|
||||
Write the key data to the file specified by '--keyfile'
|
||||
or stdou if not present.
|
||||
or stdout if not present.
|
||||
|
||||
-r <description>::
|
||||
--revoke=<description>::
|
||||
Revoke a key from a keyring.
|
||||
|
||||
-v::
|
||||
--verbose::
|
||||
|
|
@ -62,7 +67,61 @@ OPTIONS
|
|||
|
||||
EXAMPLES
|
||||
--------
|
||||
No Examples
|
||||
|
||||
* Create a new TLS key and insert it directly into the .nvme keyring:
|
||||
+
|
||||
------------
|
||||
# nvme gen-tls-key -i -n hostnqn0 -c subsys0
|
||||
NVMeTLSkey-1:01:/b9tVz2OXJVISnoFgrPAygyS86XYJWkAapQeULns6PMpM8wv:
|
||||
Inserted TLS key 26b3260e
|
||||
------------
|
||||
|
||||
* Export previously created key from the kernel keyring and store it into a file
|
||||
+
|
||||
------------
|
||||
# nvme tls-key -e -f nvme-tls-keys.txt
|
||||
------------
|
||||
|
||||
* Export/list all keys from the .nvme keyring using nvme and keyctl
|
||||
+
|
||||
------------
|
||||
# nvme tls-key --export
|
||||
NVMe0R01 hostnqn0 subsys0 NVMeTLSkey-1:01:/b9tVz2OXJVISnoFgrPAygyS86XYJWkAapQeULns6PMpM8wv:
|
||||
|
||||
# keyctl show
|
||||
Session Keyring
|
||||
573249525 --alswrv 0 0 keyring: _ses
|
||||
353599402 --alswrv 0 65534 \_ keyring: _uid.0
|
||||
475911922 ---lswrv 0 0 \_ keyring: .nvme
|
||||
649274894 --als-rv 0 0 \_ psk: NVMe0R01 hostnqn0 subsys0
|
||||
------------
|
||||
|
||||
* Revoke a key using the description and verifying with
|
||||
keyctl the operation
|
||||
+
|
||||
------------
|
||||
# nvme tls-key --revoke="NVMe0R01 hostnqn0 subsys0"
|
||||
|
||||
# keyctl show
|
||||
Session Keyring
|
||||
573249525 --alswrv 0 0 keyring: _ses
|
||||
353599402 --alswrv 0 65534 \_ keyring: _uid.0
|
||||
475911922 ---lswrv 0 0 \_ keyring: .nvme
|
||||
649274894: key inaccessible (Key has been revoked)
|
||||
------------
|
||||
|
||||
* Import back previously generated key from file and verify with keyctl
|
||||
+
|
||||
------------
|
||||
# nvme tls-key --import -f nvme-tls-keys.txt
|
||||
|
||||
# keyctl show
|
||||
Session Keyring
|
||||
573249525 --alswrv 0 0 keyring: _ses
|
||||
353599402 --alswrv 0 65534 \_ keyring: _uid.0
|
||||
475911922 ---lswrv 0 0 \_ keyring: .nvme
|
||||
734343968 --als-rv 0 0 \_ psk: NVMe0R01 hostnqn0 subsys0
|
||||
------------
|
||||
|
||||
NVME
|
||||
----
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue