diff --git a/src/zlevis-decrypt b/src/zlevis-decrypt index 9e346d3..17672bc 100755 --- a/src/zlevis-decrypt +++ b/src/zlevis-decrypt @@ -18,11 +18,10 @@ fi # Display usage information if input is from a terminal if [ -t 0 ]; then exec >&2 + echo "$summary" echo echo "Usage: \"zlevis-decrypt < file.jwe\"" echo "Usage ZFS: \"zfs list -Ho tpm:jwe | zlevis-decrypt\"" - echo - echo "$summary" exit 2 fi diff --git a/src/zlevis-encrypt b/src/zlevis-encrypt index d1bd495..1e3b049 100755 --- a/src/zlevis-encrypt +++ b/src/zlevis-encrypt @@ -21,12 +21,6 @@ fi # Display usage information if input is from a terminal if [ -t 0 ]; then exec >&2 - echo - echo "Usage: \"zlevis-encrypt '{\"property\":\"value\"}' < file.key > file.jwe\"" - echo - echo "Usage ZFS: \"zfs set tpm:jwe=\$(zlevis-encrypt '{\"property\":\"value\"}' < tank.key) \"" - echo - echo echo "$summary" echo echo "This command uses the following configuration properties:" @@ -35,6 +29,9 @@ if [ -t 0 ]; then echo " pcr_bank: -> PCR algorithm bank to use for policy (default: first supported by TPM)." echo " pcr_ids: -> PCR list used for policy. If not present, no policy is used." echo " pcr_digest: -> Binary PCR hashes encoded in base64. If not present, the hash values are looked up." + echo + echo "Usage: \"zlevis-encrypt '{\"property\":\"value\"}' < file.key > file.jwe\"" + echo "Usage ZFS: \"zfs set tpm:jwe=\$(zlevis-encrypt '{\"property\":\"value\"}' < tank.key) \"" exit 2 fi diff --git a/src/zlevis-fetch b/src/zlevis-fetch index fa8e2b6..4faffb2 100755 --- a/src/zlevis-fetch +++ b/src/zlevis-fetch @@ -17,7 +17,7 @@ zfs list -Ho name,encryption,keystatus,encryptionroot,tpm:jwe | while IFS=$'\t' if echo -n "$jwe" | zlevis-decrypt | zfs load-key -L prompt "$ds"; then echo "Unlocked $ds" else - echo "FAILED TO UNLOCK $ds" >&2 + echo "Failed to unlock $ds" >&2 exit 1 fi fi