eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-24 01:00:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add warning about OPAL admin PIN to man page and release notes.

Browse Source
This commit is contained in:
Milan Broz
2024-04-09 10:37:26 +02:00
parent 53044370e3
commit 84d3820a2f
2 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/v2.7.2-ReleaseNotes
View File

@@ -21,3 +21,11 @@ Changes since version 2.7.1
as this passphrase already exists.
* Update license for FAQ document to CC BY-SA 4.0.
NOTE: Please note that with OPAL-only (--hw-opal-only) encryption,
the configured OPAL administrator PIN (passphrase) allows unlocking
all configured locking ranges without LUKS keyslot decryption
(without knowledge of LUKS passphrase).
Because of many observed problems with compatibility, cryptsetup
currently DOES NOT use OPAL single-user mode, which would allow such
decoupling of OPAL admin PIN access.