From: Ken Dreyer <ktdreyer@ktdreyer.com>
Date: Sat, 27 Jul 2013 15:22:56 +0000 (-0600)
Subject: doc: clarify setcrypt defaults
X-Git-Tag: upstream/1.8.0_pre1^2~1050
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=3a24ed9baef178d34b6d0fb3a5f6a485dea9353b;p=packages%2Fo%2Fopenafs.git

doc: clarify setcrypt defaults

Change-Id: I0145ecc9935786204d215a11459d170f6220657b
Reviewed-on: http://gerrit.openafs.org/10111
Reviewed-by: Jason Edgecombe <jason@rampaginggeek.com>
Reviewed-by: Michael Laß <lass@mail.uni-paderborn.de>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: Derrick Brashear <shadow@your-file-system.com>
---

diff --git a/doc/man-pages/pod1/fs_setcrypt.pod b/doc/man-pages/pod1/fs_setcrypt.pod
index 495b415d4..8fda10cf8 100644
--- a/doc/man-pages/pod1/fs_setcrypt.pod
+++ b/doc/man-pages/pod1/fs_setcrypt.pod
@@ -22,7 +22,11 @@ authentication, which uses Kerberos 5 or klog/kaserver. The complement of
 this command is B<fs getcrypt>, which shows the status of encryption on
 the client.
 
-The default encryption status is enabled.
+The default encryption status is enabled on Windows. It is disabled on all
+non-Windows clients by default. You may enable encryption by default on
+non-Windows platforms by executing B<fs setcrypt -crypt on> immediately
+after the client daemon starts. For example, on Linux, you can do this
+within the SysV init script, or with systemd's ExecStartPost parameter.
 
 This is a global setting and applies to all subsequent connections to an
 AFS File Server from this Cache Manager. There is no way to enable or