tomb

the crypto undertaker
git clone git://parazyd.org/tomb.git
Log | Files | Refs | README | LICENSE

commit f6885729acf80d604227f26a7de54f59bbee9f7c
parent 9bc0bd762b658b70c089e58b1b4e5779a46d66ff
Author: Jaromil <jaromil@dyne.org>
Date:   Mon,  9 Jun 2014 12:22:33 +0200

documentation updates for release

Diffstat:
MAUTHORS.md | 5+++--
MChangeLog.md | 8++++++++
MKNOWN_BUGS.md | 7+++++--
MREADME.md | 12+++++++++++-
Mdoc/Tomb_User_Manual.org | 12+++++++-----
Mdoc/tomb.1 | 61++++++++++++++++++++++++++++++++++++++++++++++---------------
Mtomb | 4++--
7 files changed, 82 insertions(+), 27 deletions(-)

diff --git a/AUTHORS.md b/AUTHORS.md @@ -5,8 +5,9 @@ Tomb includes code by Anathema, Boyska and Hellekin O. Wolf. Tomb's artwork is contributed by Jordi aka Mon Mort -Testing and reviews are contributed by Dreamer, Shining, Mancausoft, -Asbesto Molesto and Nignux. +Testing, reviews and documentation are contributed by Dreamer, +Shining, Mancausoft, Asbesto Molesto, Nignux, Vlax, Reiven and +GDrooid. Cryptsetup was developed by Christophe Saout and Clemens Fruhwirth diff --git a/ChangeLog.md b/ChangeLog.md @@ -1,5 +1,13 @@ # Tomb ChangeLog +## 1.5.3 +### June 2014 + +Various usability fixes and documentation updates. Password changing +and key changing procedures have been refactored and dev-mode +operation from scripts has been tested against a few new wrappers +being developed. A strings file is made available for translators. + ## 1.5.2 ### February 2014 diff --git a/KNOWN_BUGS.md b/KNOWN_BUGS.md @@ -1,11 +1,14 @@ -* Versioning and stdin key piping in 1.5 +# Versioning and stdin key +## 1.5 + Due to distraction tomb version 1.5 displays its version as 1.4. Also version 1.5 did not work when using -k - to pipe keys from stdin, plus left the encrypted keys laying around in RAM (tmpfs). This was a minor vulnerability fixed in 1.5.1. -* Compatibility broken in old Tomb 1.3 and 1.3.1 +# Key compatibility broken +## 1.3 and 1.3.1 Due to an error in the creation and decoding of key files, release versions 1.3 and 1.3.1 cannot open older tombs, plus the tombs created diff --git a/README.md b/README.md @@ -16,7 +16,7 @@ Latest version: **1.5.3** -http://dyne.org/software/tomb +Updates on website: http://dyne.org/software/tomb # What is Tomb, the crypto undertaker @@ -29,6 +29,16 @@ standard filesystem tools (GNU) and the cryptographic API of the Linux kernel (cryptsetup and LUKS). Tomb can also produce machine parsable output to facilitate its use inside graphical applications. +# Plea for support + +If you like to support the development of this project, please rate it +and endorse it on the CHEST funding platform: + +http://ideas.chest-project.eu/?q=node/3433 + +We are seeking funding to continue this free and open source development. +It does not require much, just a registration and rating. Thanks. + # How does it works For the instructions on how to get started using Tomb, see [INSTALL](INSTALL.md). diff --git a/doc/Tomb_User_Manual.org b/doc/Tomb_User_Manual.org @@ -132,11 +132,13 @@ Later on we've felt the urgency to publishing this mechanism for other operating systems than dyne:bolic since the current situation in personal desktop encryption is far from optimal. Let's have a look. -\index{truecrypt} -[[http://en.wikipedia.org/wiki/TrueCrypt][TrueCrypt]] makes use of statically linked libraries so that its code is -hard to audit, plus is [[http://lists.freedesktop.org/archives/distributions/2008-October/000276.html][not considered free]] by free operating system -distributors because of liability reasons, see [[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034][Debian]], [[https://bugs.edge.launchpad.net/ubuntu/+bug/109701][Ubuntu]], [[http://lists.opensuse.org/opensuse-buildservice/2008-10/msg00055.html][Suse]], -[[http://bugs.gentoo.org/show_bug.cgi?id=241650][Gentoo]] and [[https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt][Fedora]]. +\index{truecrypt} [[http://en.wikipedia.org/wiki/TrueCrypt][TrueCrypt]] makes use of statically linked libraries +so that its code is hard to audit, plus is [[http://lists.freedesktop.org/archives/distributions/2008-October/000276.html][not considered free]] by free +operating system distributors because of liability reasons, see +[[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364034][Debian]], [[https://bugs.edge.launchpad.net/ubuntu/+bug/109701][Ubuntu]], [[http://lists.opensuse.org/opensuse-buildservice/2008-10/msg00055.html][Suse]], [[http://bugs.gentoo.org/show_bug.cgi?id=241650][Gentoo]] and [[https://fedoraproject.org/wiki/ForbiddenItems#TrueCrypt][Fedora]]. For these and other reasons - +presumably very sad ones for its users - Truecrypt has also been +discontinued. + \index{cryptkeeper} [[http://tom.noflag.org.uk/cryptkeeper.html][Cryptkeeper]] is the best alternative to Tomb out there and its main diff --git a/doc/tomb.1 b/doc/tomb.1 @@ -73,7 +73,9 @@ mount(8) options (default: rw,noatime,nodev). List all the tombs found open, including information about the time they were opened and the hooks that they mounted. If the first argument is present, then shows only the tomb named that way or -returns an error if its not found. +returns an error if its not found. If the option +\fI--get-mountpoint\fR is used then print a simple list of currently +open tomb mountpoint paths. .B .IP "index" @@ -174,11 +176,10 @@ adding a '.key' suffix, but can be later renamed and transported on other media. If \fI<keyfile>\fR is "-" (dash), it will read it from stdin. .B -.IP "--kdf \fI<seconds>\fR" +.IP "--kdf \fI<iterations>\fR" Activate the KDF feature against dictionary attacks when creating a -key: forces a delay of \fI<seconds>\fR every time this key is -used. This feature is still \fIexperimental\fR and not recommended in -production environments. +key: forces a delay of \fI<iterations>\fR (integer multiplied by 10k) +every time this key is used. .B .IP "-n" Skip processing of post-hooks and bind-hooks if found inside the tomb. @@ -186,32 +187,62 @@ See the \fIHOOKS\fR section in this manual for more information. .B .IP "-o" Manually specify mount options to be used when opening a tomb instead -of the default \fIrw,noatime,nodev\fR. This option can be used to -mount a tomb read-only (ro) to prevent any modification of its data, -or to experiment with other settings (if you really know what you are -doing) see the mount(8) man page. +of the default \fIrw,noatime,nodev\fR, i.e. to mount a tomb read-only +(ro) to prevent any modification of its data. Can also be used to +change the symmetric encryption algorithm for keys during \fIforge\fR +operations (default \fIAES256\fR) or the LUKS encryption method during +\fIlock\fR operations (default \fIaes-xts-plain64:sha256\fR). .B .IP "-f" Force flag, currently used to override swap checks, might be overriding more wimpy behaviours in future, but make sure you know -what you are doing if you force an operation... +what you are doing if you force an operation. .B .IP "-h" -Display a help text and quit +Display a help text and quit. .B .IP "-v" -Display version and quit +Display version and quit. .B .IP "-q" Run more quietly .B .IP "-D" Print more information while running, for debugging purposes + +.SH DEV MODE .B .IP "--no-color" -Don't use colors; useful for old terminals or integration in other -scripts parsers - +Suppress colors in console output (needed for string parsing by +wrappers). +.B +.IP "--unsecure-dev-mode" +Enable using dev-mode arguments, i.e. to pass passwords from +commandline options. This is mostly used needed for execution by +wrappers and testing suite. +.B +.IP "--use-urandom" +Use an inferior quality random source to improve the speed of key +generation at the cost of security (neede for the testing suite). +.B +.IP "--sudo-pwd <string>" +Use string as password when needed for privilege escalation via sudo. +.B +.IP "--tomb-pwd <string>" +Use string as password when needed on tomb. +.B +.IP "--tomb-old-pwd <string>" +Use string as old password when needed in tomb commands requiring +multiple keys, like \fIpasswd\fR or \fIsetkey\fR. +.B +.IP "-U --uid" +Switch to this user ID when dropping privileges. +.B +.IP "-G --gid" +Switch to this group ID when dropping privileges. +.B +.IP "-T --tty" +Switch to this TTY terminal when dropping privileges. .SH HOOKS diff --git a/tomb b/tomb @@ -40,8 +40,8 @@ # {{{ Global variables -VERSION=1.5.2 -DATE="Feb/2014" +VERSION=1.5.3 +DATE="Jun/2014" TOMBEXEC=$0 typeset -a OLDARGS for arg in ${argv}; do OLDARGS+=($arg); done