From 4f7b10f59b97b45d42577c4d6d33958d9565aef7 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon, 12 Jul 2010 12:57:11 +0200
Subject: Initial additions to have PK encryption/decryption. Separated
 operations on keys to read/write to prevent overwriting a key while using it.
 Several other cleanups.

---
 README | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'README')

diff --git a/README b/README
index d32b28a..8e80fcb 100644
--- a/README
+++ b/README
@@ -3,7 +3,10 @@ designed. The ioctl() API is in ncr.h and the userspace in ncrypto.h.
 
 For the new API to fully operate, root must load a system key (constant
 per system) using the setkey program. After this stage the new API should
-be fully operational. 
+be fully operational. Example:
+$ dd if=/dev/urandom of=/boot/key count=1 bs=16
+$ chmod 600 /boot/key
+$ userspace/ncr-setkey /boot/key
 
 The main concept of the new API is disallow userspace applications
 access to cryptographic keys. Operations should be possible (such
-- 
cgit