Commit Graph

47 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
bfe421b327 MANPAGE: reorder options to match "-hh" output; add "-hkdf", "-trace" 2017-06-20 19:49:18 +02:00
Charles Duffy
cf1ded5236 Implement force_owner option to display ownership as a specific user. 2017-06-01 00:26:17 +02:00
Jakob Unterwurzacher
1e598e96fc main: add "-info" option
Pretty-prints the config while stripping out sensitive
(and uninteresting) data

https://github.com/rfjakob/gocryptfs/issues/111
2017-05-30 19:01:32 +02:00
Jakob Unterwurzacher
3409ade272 forcedecode: tighten checks
...and fix a few golint issues and print a scary warning message on mount.

Also, force the fs to ro,noexec.
2017-04-24 00:25:02 +02:00
danim7
f1945c4daa Add -forcedecode
Force decode of encrypted files even if the integrity check fails, instead of
failing with an IO error. Warning messages are still printed to syslog if corrupted
files are encountered.
It can be useful to recover files from disks with bad sectors or other corrupted
media.

Closes https://github.com/rfjakob/gocryptfs/pull/102 .
2017-04-23 23:11:56 +02:00
Jakob Unterwurzacher
602f62b821 MANPAGE: reformat to GFM (github flavored markdown)
This makes it render properly on the github webinterface.
2017-03-28 19:55:46 +02:00
Jakob Unterwurzacher
912ef72cc8 MANPAGE: fix alphabetical order and expand scryptn explaination 2017-03-25 19:54:50 +01:00
danim7
40f0a8ee72 Further explain the use of 'scryptn' parameter (#94)
* Further explain the use of 'scryptn' parameter

* Further explain the use of 'scryptn' parameter in MANPAGE

* Use 28 as reasonable upper limit
2017-03-25 18:22:08 +01:00
Jakob Unterwurzacher
b78c3bd516 MANPAGE: document "-serialize_reads" 2017-03-19 20:23:49 +01:00
Jakob Unterwurzacher
98ecf1f074 MANPAGE: document "-speed" 2017-02-26 19:34:23 +01:00
Jakob Unterwurzacher
f2920f71e8 MANPAGE: document error code 12 2017-02-26 19:30:28 +01:00
Jakob Unterwurzacher
1e9d735406 Document "--" to stop option parsing in help text + man page 2017-02-12 12:49:04 +01:00
Jakob Unterwurzacher
6166dad05c readpassword: support spaces in "-passfile" filename
...and while we are at it, also filenames starting with "-".
2017-01-29 00:34:12 +01:00
Jakob Unterwurzacher
de200aad72 main: add "-fsname" option
As requested in https://github.com/rfjakob/gocryptfs/issues/73 .
2017-01-26 22:13:57 +01:00
Jakob Unterwurzacher
0f8d3318a3 main, fusefrontend: add "-noprealloc" option
Preallocation is very slow on hdds that run btrfs. Give the
user the option to disable it. This greatly speeds up small file
operations but reduces the robustness against out-of-space errors.

Also add the option to the man page.

More info: https://github.com/rfjakob/gocryptfs/issues/63
2016-11-25 09:19:14 +01:00
Jakob Unterwurzacher
081015aa74 MANPAGE: document ctlsock 2016-11-11 00:01:29 +01:00
Jakob Unterwurzacher
b527e205e2 main: rename "-f" to "-fg"
"-f" looks too much like "--force". The old variant is still
accepted for compatability.
2016-11-01 19:00:45 +01:00
Jakob Unterwurzacher
d6678f73b4 MANPAGE: document -raw64 2016-11-01 18:53:42 +01:00
Jakob Unterwurzacher
d41492bcbc MANPAGE: update version field description 2016-11-01 18:30:32 +01:00
Jakob Unterwurzacher
75b776cb3d MANPAGE: add reverse example, move "-o" into alphabetical list
People will search for "-o" alphabetically, so put it into the
alphabetical option list, even if it is not a real option.
2016-11-01 15:55:05 +01:00
Jakob Unterwurzacher
86afaee200 MANPAGE: prettify plain-text formatting 2016-10-21 00:05:56 +02:00
Jakob Unterwurzacher
c487e176bd main: allow password change with -masterkey
Requested at https://github.com/rfjakob/gocryptfs/issues/28
2016-10-16 18:17:28 +02:00
Jakob Unterwurzacher
e1c5e71b09 main: add "-passfile" option
Make it easier to read the password from a file. Internally this
is equivalent to "-extpass /bin/cat FILE".
2016-10-09 20:08:10 +02:00
Jakob Unterwurzacher
9cf3ced0ce main: also accept options at the end via "-o"
For compatability with mount(1), options are also accepted as
"-o COMMA-SEPARATED-OPTIONS" at the end of the command line.
For example, "-o q,zerokey" is equivalent to "-q -zerokey".
2016-10-09 20:05:54 +02:00
Jakob Unterwurzacher
25a8802403 main: rename "-o" option to "-ko"
This prevents confusion with the "-o" options that is passed
by mount(1) at the end of the command line.
2016-10-09 19:32:55 +02:00
Jakob Unterwurzacher
9b1a35174b MANPAGE: note that "-f" implies "-nosyslog"
Also explain why AES-SIV exists.
2016-10-07 23:02:04 +02:00
Jakob Unterwurzacher
434ce50db3 main: add "-nonempty" option 2016-10-06 22:41:13 +02:00
Jakob Unterwurzacher
e9bb8b800c reverse: switch from GCM-SIV to AES-SIV
GCM-SIV is not yet finalized, and the reference implemenation is
painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26 23:25:13 +02:00
Jakob Unterwurzacher
2050c7f3b3 reverse: add gcmsiv flag and associated tests 2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
a8a0d2d92c MANPAGE: note that "-plaintextnames" disables symlink encryption
This is no change in behavoir, just a clarification in the man page.
2016-06-26 23:08:25 +02:00
Jakob Unterwurzacher
15b88756ad main: add "-o" option to enable "suid" and "dev"
Device files and suid binaries are often not needed when running
gocryptfs as root. As they are potentially dangerous, let the
user enable them explicitely via the new "-o" option instead of
always enabling them when running as root.
2016-06-26 23:03:18 +02:00
Jakob Unterwurzacher
b558901e66 Drop deprecated "-gcmiv128" option
The GCMIV128 feature flag is already mandatory, dropping the command
line option is the final step.

Completes https://github.com/rfjakob/gocryptfs/issues/29 .
2016-06-23 22:10:19 +02:00
Jakob Unterwurzacher
3d59a72ba9 Drop deprecated "-emenames" option
The EMENames feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:56:50 +02:00
Jakob Unterwurzacher
b17f0465c7 Drop deprecated "-diriv" option
The DirIV feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:38:59 +02:00
Jakob Unterwurzacher
1dcafb99ff main: drop "on-disk format" from -version output, add Go version
As v0.4 introduced ext4-style feature flags, the on-disk format version
is unlinkely to change. Drop it from the version output to reduce
clutter. Use "gocryptfs -version -debug" to see it.

Add the Go version string because only Go 1.6 and newer have an optimized
AES-GCM implementation. This will help users to understand the performance
of their build.
2016-06-19 19:33:15 +02:00
Jakob Unterwurzacher
82d87ff8ed Add "-ro" (read-only) flag
From the man page:

  **-ro**
  :      Mount the filesystem read-only

Also add a test.
2016-06-16 21:29:22 +02:00
Jakob Unterwurzacher
e7f78135b3 Add "-allow_other" command-line option
As requested in https://github.com/rfjakob/gocryptfs/issues/26 ,
this adds the option to allow other users to access the filesystem.
2016-05-18 19:30:05 +02:00
Jakob Unterwurzacher
4ad9d4e444 prefer_openssl: add amd64 constraint
Optimized assembly versions for Go GCM are only available
on amd64.
2016-05-12 09:50:36 +02:00
Jakob Unterwurzacher
49b597f07c prefer_openssl: autodetect whether to use OpenSSL or Go GCM
Go GCM is faster than OpenSSL if the CPU has AES instructions
and you are running Go 1.6+.

The "-openssl" option now defaults to "auto".

"gocryptfs -debug -version" displays the result of the autodetection.

See https://github.com/rfjakob/gocryptfs/issues/23 for details and
benchmarks.
2016-05-12 00:42:42 +02:00
Jakob Unterwurzacher
f035d3efba Update manpage with "longnames" option, explain feature flag options 2016-04-17 21:19:51 +02:00
Jakob Unterwurzacher
6454db68d9 Add new "-wpanic" option and enable it for the automated tests 2016-01-31 18:09:39 +01:00
Jakob Unterwurzacher
65b8d5bc46 Update MANPAGE with new options 2016-01-24 18:20:52 +01:00
Jakob Unterwurzacher
6a9da0db10 Add EXAMPLES to manpage 2016-01-06 16:55:38 +01:00
Jakob Unterwurzacher
1caa925868 Increase GCM IV size from 96 to 128 bits
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
2015-12-19 15:02:29 +01:00
Jakob Unterwurzacher
c6dacd6f91 Add EME filename encryption & enable it by default 2015-12-08 16:17:04 +01:00
Jakob Unterwurzacher
353d29b502 Update manpage with -diriv and -scryptn 2015-12-04 22:41:14 +01:00
Jakob Unterwurzacher
accf8144ca Move docs to Documentation folder 2015-12-01 18:19:24 +01:00