eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
360f85dde7f6f3d9193009d3c0459d84c3d782d6
cryptsetup/man/cryptsetup-luksFormat.8.adoc
Milan Broz 360f85dde7 man: Grammar and simple stylistic fixes. 
This is based mainly on Grammarly.

It unifies man pages to at least some level of grammar,
so later we can focus on adding more readable content.
2025-07-17 15:01:39 +02:00

40 lines
2.3 KiB
Plaintext
Raw Blame History

= cryptsetup-luksFormat(8)
:doctype: manpage
:manmanual: Maintenance Commands
:mansource: cryptsetup {release-version}
:man-linkstyle: pass:[blue R < >]
:COMMON_OPTIONS:
:ACTION_LUKSFORMAT:
== Name
cryptsetup-luksFormat - initialize a LUKS partition and set the initial passphrase
== SYNOPSIS
*cryptsetup _luksFormat_ [<options>] <device> [<key file>]*
== DESCRIPTION
Initializes a LUKS partition and sets the initial passphrase (for keyslot 0) via prompting or <key file>.
Note that if the second argument is present, the passphrase is taken from the file given there, without using the --key-file option.
Also note that for both forms of reading the passphrase from a file, you can give '-' as a file name, which results in the passphrase being read from stdin and the safety question being skipped.
You cannot call luksFormat on a device or filesystem that is mapped or in use, e.g., a mounted filesystem, used in LVM, active RAID member, etc.
The device or filesystem has to be unmounted in order to call luksFormat.
To use a specific version of LUKS format, use _--type luks1_ or _type luks2_.
To use OPAL hardware encryption on a self-encrypting drive, use --hw-opal or --hw-opal-only.
Note that some OPAL drives can require a PSID reset (with deletion of data) before using the LUKS format with OPAL options.
See --hw-opal-factory-reset option in cryptsetup _erase_ command.
*<options>* can be [--hash, --cipher, --verify-passphrase, --key-size, --key-slot, --key-file (takes precedence over optional second argument), --keyfile-offset, --keyfile-size, --use-random, --use-urandom, --uuid, --volume-key-file, --iter-time, --header, --pbkdf-force-iterations, --force-password, --disable-locks, --timeout, --type, --offset, --align-payload (deprecated)].
For LUKS2, additional *<options>* can be [--integrity, --integrity-no-wipe, --sector-size, --label, --subsystem, --pbkdf, --pbkdf-memory, --pbkdf-parallel, --disable-locks, --disable-keyring, --luks2-metadata-size, --luks2-keyslots-size, --keyslot-cipher, --keyslot-key-size, --integrity-legacy-padding, --hw-opal, --hw-opal-only].
*WARNING:* Doing a luksFormat on an existing LUKS container will make all data in the old container permanently irretrievable unless you have a header backup.
include::man/common_options.adoc[]
include::man/common_footer.adoc[]
Reference in New Issue View Git Blame Copy Permalink