<variablelist class='crypttab-options'>
<varlistentry>
- <term><varname>allow-discards</varname></term>
+ <term><varname>discard</varname></term>
<listitem><para>Allow discard requests to be
passed through the encrypted block device. This
<term><varname>luks</varname></term>
<listitem><para>Force LUKS mode. When this mode
- is used the following options are ignored since
+ is used, the following options are ignored since
they are provided by the LUKS header on the
device: <varname>cipher=</varname>,
<varname>hash=</varname>,
<term><varname>tcrypt</varname></term>
<listitem><para>Use TrueCrypt encryption mode.
- When this mode is used the following options are
+ When this mode is used, the following options are
ignored since they are provided by the TrueCrypt
header on the device or do not apply:
<varname>cipher=</varname>,
<term><varname>tries=</varname></term>
<listitem><para>Specifies the maximum number of
- times the user is queried for a password.</para></listitem>
+ times the user is queried for a password.
+ The default is 3. If set to 0, the user is
+ queried for a password indefinitely.</para></listitem>
</varlistentry>
<varlistentry>
swap /dev/sda7 /dev/urandom swap
truecrypt /dev/sda2 /etc/container_password tcrypt
hidden /mnt/tc_hidden /null tcrypt-hidden,tcrypt-keyfile=/etc/keyfile</programlisting>
+ <para>Note that the default hash algorithm is ripemd160. If you use your system
+ in FIPS mode, please specify supported hash algorithm (e.g.: hash=sha1).</para>
</example>
</refsect1>
~ianmdlvl / elogind.git / blobdiff