commit 16e723fa9e059dd2c877e149a86374b434da0b20
parent f35bbb151516b17cfcefa54fd9bd5ebd8cbc8ccf
Author: Jaromil <jaromil@dyne.org>
Date: Thu, 10 Mar 2011 12:53:21 +0100
documentation for 1.0 release
Diffstat:
6 files changed, 284 insertions(+), 188 deletions(-)
diff --git a/AUTHORS b/AUTHORS
@@ -7,5 +7,3 @@ Testing and fixes are contributed by Dreamer and Hellekin O. Wolf
Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
-
-
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,10 @@
+March 2011 - 1.0
+
+ Clean and stable. Now passwords are handled exclusively using
+ pinentry. Also support for steganography of keys (bury and exhume)
+ was added to the commandline. Commandline and desktop operations
+ are separate so that tomb can be used via remote terminal.
+
February 2011 - 0.9.1
Sourcecode cleanup, debugging and testing.
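Review bot: The new 1.0 entry is placed directly above "February 2011 - 0.9.1", but the README hunk in this same commit bumps the banner from v.0.9.2, so the ChangeLog carries no record of 0.9.2. Add a short 0.9.2 entry or fold its changes into the 1.0 text so the history matches the version numbers that were shipped. "Now passwords are handled exclusively using pinentry" would also read better if it named what pinentry replaces, since that is the change users upgrading from 0.9.x will want to know about.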
diff --git a/README b/README
@@ -12,7 +12,7 @@ X~ `?888888hx~ ...ue888b .888: x888 x888. 8888 .
' "*88888888* 'Y" `~ " `"` `%888*%"
^"***"` "`
-a simple commandline tool to manage encrypted storage v.0.9.2
+a simple commandline tool to manage encrypted storage v.1.0
http://tomb.dyne.org
diff --git a/doc/web/views/index.muse b/doc/web/views/index.muse
@@ -27,6 +27,11 @@ USB stick.
** Documentation
+ "*All I know is what the words know, and dead things, and that makes
+ a handsome little sum, with a beginning and a middle and an end, as
+ in the well-built phrase and the long sonata of the dead.*"
+ Samuel Beckett
+
First of all the usual info you'd expect a software to provide:
- [[README]]
@@ -47,7 +52,6 @@ To open a tomb is sufficient to click on it, or use the command **tomb-open**
When a tomb is open your panel will have a little icon in the tray
reminding you that a tomb is open, offering to explore it or close it.
-[[images/awesome-shot.png]]
To make safety copies of your keys, tomb lets you "bury a key" inside
an image (using steganography techniques) and of course "exhume"
@@ -55,6 +59,8 @@ buried keys from pictures where they are hidden. Actually it is very
hard to guess when something is hidden inside a picture without
knowing the password used in steganography.
+[[images/awesome-shot.png]]
+
See the [[manual.html][manpage]] for more information on how to operate Tomb from the
text terminal.
<example>
@@ -87,7 +93,7 @@ Please report bugs on <http://bugs.dyne.org>.
*** Who needs Tomb
- Democracy requires Privacy as much as Freedom of Expression.
+ "*Democracy requires Privacy as much as Freedom of Expression.*" Anonymous
Our target community are desktop users with no time to click around,
sometimes using old or borrowed computers, operating in places
diff --git a/doc/web/views/manual.html b/doc/web/views/manual.html
@@ -0,0 +1,268 @@
+Content-type: text/html
+
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<HTML><HEAD><TITLE>Man page of tomb</TITLE>
+</HEAD><BODY>
+<H1>tomb</H1>
+Section: User Commands (1)<BR>Updated: February 12, 2011<BR><A HREF="#index">Index</A>
+<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
+
+<P>
+<A NAME="lbAB"> </A>
+<H2>NAME</H2>
+
+Tomb - the Crypto Undertaker
+<P>
+<A NAME="lbAC"> </A>
+<H2>SYNOPSIS</H2>
+
+<B><DL COMPACT>
+<DT>tomb [options] command [arguments]<DD>
+</B>
+
+<B><DT>tomb-open [file]<DD>
+</B>
+
+<B><DT>tomb-status mountpoint<DD>
+</B>
+
+<P>
+</DL>
+<A NAME="lbAD"> </A>
+<H2>DESCRIPTION</H2>
+
+<P>
+Tomb is an application to manage the creation and access of encrypted
+storage files: it can be operated from commandline and it can
+integrate with a user's graphical desktop.
+<P>
+Tomb generates encrypted storage files to be opened and closed using
+their associated keys, which are also protected with a password chosen
+by the user. To create, open and close tombs a user will need super
+user rights to execute the tomb commandline utility.
+<P>
+A tomb is like a locked folder that can be safely transported and
+hidden in a filesystem; it encourages users to keep their keys
+separate from tombs, for instance keeping a tomb file on your computer
+harddisk and its key file on a USB stick.
+<P>
+For simplified use, the command <I>tomb-open</I> starts a wizard that
+guides users in the creation of a new tomb or, if a tomb file is
+specified as <I>argument</I>, it opens it and makes it accessible in a
+default location under the /media folder, starting the status tray
+applet (<I>tomb-status</I>) if a desktop is present.
+<P>
+<P>
+<A NAME="lbAE"> </A>
+<H2>COMMANDS</H2>
+
+<P>
+<B><DL COMPACT>
+<DT>create<DD>
+</B>
+
+Creates a new encrypted storage tomb and its key, named as specified
+by the given <I>argument</I>.
+<P>
+<B><DT>open<DD>
+</B>
+
+Opens an existing tomb file specified in the <I>first argument</I>. If
+a <I>second argument</I> is given it will indicate the <I>mountpoint</I>
+where the tomb should be made accessible, if not then the tomb is
+mounted in a directory named after the filename and inside /media.
+<P>
+<B><DT>close<DD>
+</B>
+
+Closes a currently open tomb. When <I>an argument</I> is specified, it
+should point to the tomb mount on /dev/mapper; if not specified and
+only one tomb is open then it will be closed; if multiple tombs are
+open, the command will list them on the terminal. The special
+<I>argument</I> 'all' will close all currently open tombs.
+<P>
+<B><DT>bury<DD>
+</B>
+
+Hides a tomb key (<I>first argument</I>) inside a jpeg image (<I>second
+argument</I>) using steganography: the image will change in a way that
+cannot be noticed by human eyes and the presence of the key inside it
+isn't detectable without the right password. This option is useful to
+backup tomb keys in unsuspected places; it uses steghide and the
+serpent encryption algorithm.
+<P>
+<B><DT>exhume<DD>
+</B>
+
+Extracts a named tomb key (<I>first argument</I>) from a (jpeg) image file
+(<I>second argument</I>) known to be containing it, if the right password is
+given. This is used to recoved buried keys from unsuspected places.
+<P>
+</DL>
+<A NAME="lbAF"> </A>
+<H2>OPTIONS</H2>
+
+<B><DL COMPACT>
+<DT>-s </B><I><MBytes></I><DD>
+
+
+
+
+When creating a tomb, this option must be used to specify the size of
+the new <I>file</I> to be created, in megabytes.
+<B><DT>-k </B><I><keyfile></I><DD>
+
+
+When opening a tomb, this option can be used to specify the location
+of the key to use. Keys are created with the same name of the tomb
+file adding a '.gpg' suffix, but can be later renamed and transported
+on other media. When a key is not found, the program asks to insert a
+USB storage device and it will look for the key file inside it.
+<B><DT>-n<DD>
+</B>
+
+Skip processing of post-hooks and bind-hooks if found inside the tomb.
+See the <I>HOOKS</I> section in this manual for more information.
+<B><DT>-h<DD>
+</B>
+
+Display a help text and quit
+<B><DT>-v<DD>
+</B>
+
+Display version and quit
+<B><DT>-q<DD>
+</B>
+
+Run more quietly
+<DT>-D<DD>
+Print more information while running, for debugging purposes
+<P>
+</DL>
+<A NAME="lbAG"> </A>
+<H2>HOOKS</H2>
+
+<P>
+Hooks are special files that can be placed inside the tomb and trigger
+actions when it is opened and closed; there are two kinds of such
+files: <I>bind-hooks</I> and <I>post-hooks</I> can be placed in the
+base root of the tomb.
+<P>
+<B><DL COMPACT>
+<DT>bind-hooks<DD>
+</B>
+
+This hook file consists of a simple two column list of files or
+directories inside the tomb to be made directly accessible inside the
+current user's home directory. Tomb will use the "mount -o bind"
+command to bind locations inside the tomb to locations found in $HOME
+so in the first column are indicated paths relative to the tomb and in
+the second column are indicated paths relative to $HOME contents, for
+example:
+<P>
+<BR> mail mail
+<BR> .gnupg .gnupg
+<BR> .fmrc .fetchmailrc
+<BR> .mozilla .mozilla
+<P>
+<B><DT>post-hooks<DD>
+</B>
+
+This hook file gets executed as user by tomb right after opening it;
+it can consist of a shell script of a binary executable that performs
+batch operations every time a tomb is opened.
+<P>
+</DL>
+<A NAME="lbAH"> </A>
+<H2>PRIVILEGE ESCALATION</H2>
+
+<P>
+The tomb commandline tool needs to acquire super user rights to
+execute most of its operations: to do so it uses <A HREF="/cgi-bin/man/man2html?8+sudo">sudo</A>(8), while
+<A HREF="/cgi-bin/man/man2html?1+pinentry">pinentry</A>(1) is adopted to collect passwords from the user.
+<P>
+Tomb executes as super user only those commands requiring it, while it
+executes desktop applications as processes owned by the user.
+<P>
+<P>
+<A NAME="lbAI"> </A>
+<H2>BUGS</H2>
+
+Please report bugs on the tracker at <A HREF="http://bugs.dyne.org">http://bugs.dyne.org</A>
+<P>
+Get in touch with developers via mail using this web page
+<A HREF="http://dyne.org/contact">http://dyne.org/contact</A> or via chat on <A HREF="http://irc.dyne.org">http://irc.dyne.org</A>
+<P>
+<A NAME="lbAJ"> </A>
+<H2>AUTHORS</H2>
+
+<P>
+Tomb is designed and written by Denis Roio aka Jaromil.
+<P>
+Tomb's artwork is contributed by Jordi aka Mon Mort
+<P>
+Testing and fixes are contributed by Dreamer and Hellekin O. Wolf
+<P>
+Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
+<P>
+<A NAME="lbAK"> </A>
+<H2>COPYING</H2>
+
+<P>
+This manual is Copyleft (c) 2011 Denis Roio <<I><A HREF="mailto:jaromil@dyne.org">jaromil@dyne.org</A></I>>
+<P>
+Permission is granted to copy, distribute and/or modify this manual
+under the terms of the GNU Free Documentation License, Version 1.1 or
+any later version published by the Free Software Foundation.
+Permission is granted to make and distribute verbatim copies of this
+manual page provided the above copyright notice and this permission
+notice are preserved on all copies.
+<P>
+<A NAME="lbAL"> </A>
+<H2>AVAILABILITY</H2>
+
+<P>
+The most recent version of Tomb sourcecode and up to date
+documentation is available for download from its website on
+<I><A HREF="http://tomb.dyne.org">http://tomb.dyne.org</A></I>.
+<P>
+<A NAME="lbAM"> </A>
+<H2>SEE ALSO</H2>
+
+<P>
+<B><DL COMPACT>
+<DT><A HREF="/cgi-bin/man/man2html?8+cryptsetup">cryptsetup</A>(8)<DD>
+</B>
+
+<P>
+GnuPG website on <A HREF="http://www.gnupg.org">http://www.gnupg.org</A>
+<P>
+DM-Crypt website on <A HREF="http://www.saout.de/misc/dm-crypt">http://www.saout.de/misc/dm-crypt</A>
+<P>
+LUKS website, <A HREF="http://code.google.com/p/cryptsetup">http://code.google.com/p/cryptsetup</A>
+<P>
+</DL>
+
+<HR>
+<A NAME="index"> </A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">COMMANDS</A><DD>
+<DT><A HREF="#lbAF">OPTIONS</A><DD>
+<DT><A HREF="#lbAG">HOOKS</A><DD>
+<DT><A HREF="#lbAH">PRIVILEGE ESCALATION</A><DD>
+<DT><A HREF="#lbAI">BUGS</A><DD>
+<DT><A HREF="#lbAJ">AUTHORS</A><DD>
+<DT><A HREF="#lbAK">COPYING</A><DD>
+<DT><A HREF="#lbAL">AVAILABILITY</A><DD>
+<DT><A HREF="#lbAM">SEE ALSO</A><DD>
+</DL>
+<HR>
+This document was created by
+<A HREF="/cgi-bin/man/man2html">man2html</A>,
+using the manual pages.<BR>
+Time: 18:57:34 GMT, March 09, 2011
+</BODY>
+</HTML>
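Review bot: The first added line, "Content-type: text/html", is a CGI response header from man2html and does not belong in a static file; a browser will show it as text ahead of the DOCTYPE. The same generator residue appears in every link to "/cgi-bin/man/man2html" (Return to Main Contents, the sudo(8), pinentry(1) and cryptsetup(8) references, and the footer), which resolve only if the site serves that CGI path, so strip them or point them at real targets. In OPTIONS the placeholders MBytes and keyfile are written with raw angle brackets, which a browser parses as unknown tags and drops; escape them with &lt; and &gt;. Two typos came through from the man source: "recoved" under exhume and "a shell script of a binary executable" under post-hooks, where "or" seems intended. Since post-hooks is described as a file inside the tomb that is executed on every open, the HOOKS text would benefit from a pointer back to -n for tombs that were not created by the person opening them.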
diff --git a/doc/web/views/manual.man b/doc/web/views/manual.man
@@ -1,183 +0,0 @@
-.TH tomb 1 "February 12, 2011" "tomb"
-
-.SH NAME
-Tomb \- the Crypto Undertaker
-
-.SH SYNOPSIS
-.B
-.IP "tomb [options] command [arguments]"
-.B
-.IP "tomb-open [file]"
-.B
-.IP "tomb-status mountpoint"
-
-.SH DESCRIPTION
-
-Tomb is an application to manage the creation and access of encrypted
-storage files: it can be operated from commandline and it can
-integrate with a user's graphical desktop.
-
-Tomb generates encrypted storage files to be opened and closed using
-their associated keys, which are also protected with a password chosen
-by the user. To create, open and close tombs a user will need super
-user rights to execute the tomb commandline utility.
-
-A tomb is like a locked folder that can be safely transported and
-hidden in a filesystem; it encourages users to keep their keys
-separate from tombs, for instance keeping a tomb file on your computer
-harddisk and its key file on a USB stick.
-
-For simplified use, the command \fItomb-open\fR starts a wizard that
-guides users in the creation of a new tomb or, if a tomb file is
-specified as \fIargument\fR, it opens it and makes it accessible in a
-default location under the /media folder, starting the status tray
-applet (\fItomb-status\fR) if a desktop is present.
-
-
-.SH COMMANDS
-
-.B
-.IP "create"
-Creates a new encrypted storage tomb and its key, named as specified
-by the given \fIargument\fR.
-
-.B
-.IP "open"
-Opens an existing tomb file specified in the \fIfirst argument\fR. If
-a \fIsecond argument\fR is given it will indicate the \fImountpoint\fR
-where the tomb should be made accessible, if not then the tomb is
-mounted in a directory named after the filename and inside /media.
-
-.B
-.IP "close"
-Closes a currently open tomb. When \fIan argument\fR is specified, it
-should point to the tomb mount on /dev/mapper; if not specified and
-only one tomb is open then it will be closed; if multiple tombs are
-open, the command will list them on the terminal. The special
-\fIargument\fR 'all' will close all currently open tombs.
-
-.B
-.IP "bury"
-Hides a tomb key (\fIfirst argument\fR) inside a jpeg image (\fIsecond
-argument\fR) using steganography: the image will change in a way that
-cannot be noticed by human eyes and the presence of the key inside it
-isn't detectable without the right password. This option is useful to
-backup tomb keys in unsuspected places; it uses steghide and the
-serpent encryption algorithm.
-
-.B
-.IP "exhume"
-Extracts a named tomb key (\fIfirst argument\fR) from a (jpeg) image file
-(\fIsecond argument\fR) known to be containing it, if the right password is
-given. This is used to recoved buried keys from unsuspected places.
-
-.SH OPTIONS
-.B
-.B
-.IP "-s \fI<MBytes>\fR"
-When creating a tomb, this option must be used to specify the size of
-the new \fIfile\fR to be created, in megabytes.
-.B
-.IP "-k \fI<keyfile>\fR"
-When opening a tomb, this option can be used to specify the location
-of the key to use. Keys are created with the same name of the tomb
-file adding a '.gpg' suffix, but can be later renamed and transported
-on other media. When a key is not found, the program asks to insert a
-USB storage device and it will look for the key file inside it.
-.B
-.IP "-n"
-Skip processing of post-hooks and bind-hooks if found inside the tomb.
-See the \fIHOOKS\fR section in this manual for more information.
-.B
-.IP "-h"
-Display a help text and quit
-.B
-.IP "-v"
-Display version and quit
-.B
-.IP "-q"
-Run more quietly
-.IP "-D"
-Print more information while running, for debugging purposes
-
-.SH HOOKS
-
-Hooks are special files that can be placed inside the tomb and trigger
-actions when it is opened and closed; there are two kinds of such
-files: \fIbind-hooks\fR and \fIpost-hooks\fR can be placed in the
-base root of the tomb.
-
-.B
-.IP "bind-hooks"
-This hook file consists of a simple two column list of files or
-directories inside the tomb to be made directly accessible inside the
-current user's home directory. Tomb will use the "mount \-o bind"
-command to bind locations inside the tomb to locations found in $HOME
-so in the first column are indicated paths relative to the tomb and in
-the second column are indicated paths relative to $HOME contents, for
-example:
-
- mail mail
- .gnupg .gnupg
- .fmrc .fetchmailrc
- .mozilla .mozilla
-
-.B
-.IP "post-hooks"
-This hook file gets executed as user by tomb right after opening it;
-it can consist of a shell script of a binary executable that performs
-batch operations every time a tomb is opened.
-
-.SH PRIVILEGE ESCALATION
-
-The tomb commandline tool needs to acquire super user rights to
-execute most of its operations: to do so it uses sudo(8), while
-pinentry(1) is adopted to collect passwords from the user.
-
-Tomb executes as super user only those commands requiring it, while it
-executes desktop applications as processes owned by the user.
-
-
-.SH BUGS
-Please report bugs on the tracker at http://bugs.dyne.org
-
-Get in touch with developers via mail using this web page
-http://dyne.org/contact or via chat on http://irc.dyne.org
-
-.SH AUTHORS
-
-Tomb is designed and written by Denis Roio aka Jaromil.
-
-Tomb's artwork is contributed by Jordi aka Mon Mort
-
-Testing and fixes are contributed by Dreamer and Hellekin O. Wolf
-
-Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
-
-.SH COPYING
-
-This manual is Copyleft (c) 2011 Denis Roio <\fIjaromil@dyne.org\fR>
-
-Permission is granted to copy, distribute and/or modify this manual
-under the terms of the GNU Free Documentation License, Version 1.1 or
-any later version published by the Free Software Foundation.
-Permission is granted to make and distribute verbatim copies of this
-manual page provided the above copyright notice and this permission
-notice are preserved on all copies.
-
-.SH AVAILABILITY
-
-The most recent version of Tomb sourcecode and up to date
-documentation is available for download from its website on
-\fIhttp://tomb.dyne.org\fR.
-
-.SH SEE ALSO
-
-.B
-.IP cryptsetup(8)
-
-GnuPG website on http://www.gnupg.org
-
-DM-Crypt website on http://www.saout.de/misc/dm-crypt
-
-LUKS website, http://code.google.com/p/cryptsetup
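Review bot: After this deletion doc/web/views holds only the man2html output (manual.html) and no roff source to regenerate it from, and none of the six files in the diffstat is another copy of the man page. If the source now lives elsewhere in the tree, say so in the commit message; otherwise keep manual.man and build the HTML from it, so that corrections such as "recoved" under exhume are made once in the source instead of by hand in generated HTML.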