bscrypto: Bareos's 'scsi crypto'

OPTIONS

A summary of options is included below.

-?: Show version and usage of program.
-b: Perform base64 encoding of keydata. Any binary data is base64 encoded and as such converted to normal ASCII.
-c: Clear encryption key. Clear the encryption key currently loaded on the drive by issueing a SCSI SPOUT clear key page.
-D <cachefile>: Dump the content of given cachefile
-d <nn>: Set debug level to <nn>
-e: Show drive encryption status. Request the current drive encryption status by issueing a SCSI SPIN cmd requesting the SPIN_DATA_ENCR_STATUS_PAGE.
-g <keyfile>: Generate new encryption passphrase in keyfile. A passphrase is generated from random data and is ASCII only.
-k <keyfile>: Show content of keyfile. If the data is wrapped using a so called Key Encryption Key you also need the -b flag to base64 decode the data that is wrapped using the algoritm described in RFC3394 which gives binary output.
-p <cachefile>: Populate given cachefile with crypto keys
-r <cachefile>: Reset expiry time for entries of given cachefile
-s <keyfile>: Set encryption key loaded from keyfile. Load the new key from the keyfile and load it into the drives crypto buffer using a SCSI SPOUT command.
-v: Show volume encryption status. Request the current volume encryption status by issueing a SCSI SPIN cmd requesting the SPIN_NEXT_BLOCK_ENCR_STATUS_PAGE.
-w <keyfile>: Wrap/Unwrap the key using RFC3394 aes-(un)wrap using the key in keyfile as a Key Encryption Key After wrapping the data using this option the output is binary so you may want to use the -b flag to base64 encode this data.

bscrypto (8)

SYNOPSIS

DESCRIPTION

OPTIONS

RELATED TO bscrypto…

AUTHOR