man: fix description of v2 secret key in man NetworkManager

Fixes: 0aa09da5f4 ('man: explain "/var/lib/NetworkManager/secret-key" in `man NetworkManager`')
Thomas Haller 2020-09-02 13:20:09 +02:00
parent 0aa09da5f4
commit 4018504247
No known key found for this signature in database
GPG key ID: 29C2366E4DFC5728

@ -519,7 +519,7 @@
</refsect1>
<refsect1>
<title>/var/lib/NetworkManager/secret-key and /etc/machine-id</title>
<title>/var/lib/NetworkManager/secret_key and /etc/machine-id</title>
<para>
The identity of a machine is important as various settings depend on it. For example,
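Review bot: the title line changes the path from secret-key to secret_key, but the commit message only mentions fixing the description of the v2 secret key, and its Fixes: line still quotes the hyphenated path. Add a sentence to the commit message saying that the file name is corrected to secret_key throughout this section, so the rename is not read as an accidental edit when someone goes through the log.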
@ -530,14 +530,14 @@
</para>
<para>
If you backup and restore a machine, the identity of the machine probably should be preserved.
In that case, preserve the files <filename>/var/lib/NetworkManager/secret-key</filename> and
In that case, preserve the files <filename>/var/lib/NetworkManager/secret_key</filename> and
<literal>/etc/machine-id</literal>. On the other hand, if you clone a virtual machine, you
probably want that the clone has a different identity. There is already existing tooling on Linux for
handling <literal>/etc/machine-id</literal> (see
<link linkend='machine-id'><citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry></link>).
</para>
<para>
The identity of the machine is determined by the <filename>/var/lib/NetworkManager/secret-key</filename>.
The identity of the machine is determined by the <filename>/var/lib/NetworkManager/secret_key</filename>.
If such a file does not exist, NetworkManager will create a file with random content. To generate
a new identity just delete the file and after restart a new file will be created.
The file should be read-only to root and contain at least 16 bytes that will be used to seed the various places
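Review bot: in the unchanged context line "The file should be read-only to root and contain at least 16 bytes", the phrase "read-only to root" can be read as "root may only read it" rather than "only root may read it". Since this paragraph says the file determines the machine's identity and seeds the generated values, consider rewording to "readable only by root" while the paragraph is being touched. The preceding sentence's "after restart" could also say that it is NetworkManager that needs restarting.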
@ -545,12 +545,12 @@
</para>
<para>
Since 1.16.0, NetworkManager supports a version 2 of secret-keys. For such keys
<filename>/var/lib/NetworkManager/secret-key</filename> starts with ASCII <literal>"nm-v2:"</literal>
followed by at least 16 bytes of random data.
<filename>/var/lib/NetworkManager/secret_key</filename> starts with ASCII <literal>"nm-v2:"</literal>
followed by at least 32 bytes of random data.
Also, recent versions of NetworkManager always create such kinds of secret-keys, when
the file does not yet exist.
With version 2 of the secret-key, <literal>/etc/machine-id</literal> is also hashed as part
of the generation for addresses and identifiers. The advantage is that you can keep <filename>/var/lib/NetworkManager/secret-key</filename>
of the generation for addresses and identifiers. The advantage is that you can keep <filename>/var/lib/NetworkManager/secret_key</filename>
stable, and only regenerate <literal>/etc/machine-id</literal> when cloning a VM.
</para>
</refsect1>
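Review bot: the corrected "followed by at least 32 bytes of random data" now sits two paragraphs below "contain at least 16 bytes", and the text does not say how the two minimums relate. Suggest stating explicitly which minimum applies to a file without the "nm-v2:" prefix and which applies to the data after it, so someone provisioning the file by hand does not write a v2 key that is too short. The prose in this hunk also keeps the hyphenated "secret-keys" and "secret-key" for the concept next to the secret_key file name; worth confirming that the mix is intended.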