2011-03-10 11:53:21 +00:00
|
|
|
Content-type: text/html
|
|
|
|
|
|
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
|
|
<HTML><HEAD><TITLE>Man page of tomb</TITLE>
|
|
|
|
</HEAD><BODY>
|
|
|
|
<H1>tomb</H1>
|
2011-09-27 10:16:19 +00:00
|
|
|
Section: User Commands (1)<BR>Updated: Sept 26, 2011<BR><A HREF="#index">Index</A>
|
2011-03-10 11:53:21 +00:00
|
|
|
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
<A NAME="lbAB"> </A>
|
|
|
|
<H2>NAME</H2>
|
|
|
|
|
|
|
|
Tomb - the Crypto Undertaker
|
|
|
|
<P>
|
|
|
|
<A NAME="lbAC"> </A>
|
|
|
|
<H2>SYNOPSIS</H2>
|
|
|
|
|
|
|
|
<B><DL COMPACT>
|
|
|
|
<DT>tomb [options] command [arguments]<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
<B><DT>tomb-open [file]<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
<B><DT>tomb-status mountpoint<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
</DL>
|
|
|
|
<A NAME="lbAD"> </A>
|
|
|
|
<H2>DESCRIPTION</H2>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
Tomb is an application to manage the creation and access of encrypted
|
|
|
|
storage files: it can be operated from commandline and it can
|
|
|
|
integrate with a user's graphical desktop.
|
|
|
|
<P>
|
|
|
|
Tomb generates encrypted storage files to be opened and closed using
|
|
|
|
their associated keys, which are also protected with a password chosen
|
|
|
|
by the user. To create, open and close tombs a user will need super
|
|
|
|
user rights to execute the tomb commandline utility.
|
|
|
|
<P>
|
|
|
|
A tomb is like a locked folder that can be safely transported and
|
|
|
|
hidden in a filesystem; it encourages users to keep their keys
|
|
|
|
separate from tombs, for instance keeping a tomb file on your computer
|
|
|
|
harddisk and its key file on a USB stick.
|
|
|
|
<P>
|
|
|
|
For simplified use, the command <I>tomb-open</I> starts a wizard that
|
|
|
|
guides users in the creation of a new tomb or, if a tomb file is
|
|
|
|
specified as <I>argument</I>, it opens it and makes it accessible in a
|
|
|
|
default location under the /media folder, starting the status tray
|
|
|
|
applet (<I>tomb-status</I>) if a desktop is present.
|
|
|
|
<P>
|
|
|
|
<P>
|
|
|
|
<A NAME="lbAE"> </A>
|
|
|
|
<H2>COMMANDS</H2>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
<B><DL COMPACT>
|
|
|
|
<DT>create<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Creates a new encrypted storage tomb and its key, named as specified
|
|
|
|
by the given <I>argument</I>.
|
|
|
|
<P>
|
|
|
|
<B><DT>open<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Opens an existing tomb file specified in the <I>first argument</I>. If
|
|
|
|
a <I>second argument</I> is given it will indicate the <I>mountpoint</I>
|
|
|
|
where the tomb should be made accessible, if not then the tomb is
|
|
|
|
mounted in a directory named after the filename and inside /media.
|
|
|
|
<P>
|
2011-09-27 10:16:19 +00:00
|
|
|
<B><DT>list<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
List all the tombs found open, including information about the time
|
|
|
|
they were opened and the hooks that they mounted. If the <I>first
|
|
|
|
argument</I> is present, then shows only the tomb named that way or
|
|
|
|
returns an error if its not found.
|
|
|
|
<P>
|
2011-03-10 11:53:21 +00:00
|
|
|
<B><DT>close<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Closes a currently open tomb. When <I>an argument</I> is specified, it
|
2011-09-27 10:16:19 +00:00
|
|
|
should be the name of a mounted tomb; if not specified and only one
|
|
|
|
tomb is open then it will be closed; if multiple tombs are open, the
|
|
|
|
command will list them on the terminal. The special
|
|
|
|
<I>argument</I> 'all' will close all currently open tombs. This command
|
|
|
|
fails if the tomb is in use by running processes, the command
|
|
|
|
<I>slam</I> can be used to force close.
|
|
|
|
<P>
|
|
|
|
<B><DT>slam<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Closes a tomb like the command <I>close</I> does, but in case it is in
|
|
|
|
use looks for all the processes accessing its files and violently
|
|
|
|
kills them using -9.
|
2011-03-10 11:53:21 +00:00
|
|
|
<P>
|
|
|
|
<B><DT>bury<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Hides a tomb key (<I>first argument</I>) inside a jpeg image (<I>second
|
|
|
|
argument</I>) using steganography: the image will change in a way that
|
|
|
|
cannot be noticed by human eyes and the presence of the key inside it
|
|
|
|
isn't detectable without the right password. This option is useful to
|
|
|
|
backup tomb keys in unsuspected places; it uses steghide and the
|
|
|
|
serpent encryption algorithm.
|
|
|
|
<P>
|
|
|
|
<B><DT>exhume<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Extracts a named tomb key (<I>first argument</I>) from a (jpeg) image file
|
|
|
|
(<I>second argument</I>) known to be containing it, if the right password is
|
|
|
|
given. This is used to recoved buried keys from unsuspected places.
|
|
|
|
<P>
|
|
|
|
</DL>
|
|
|
|
<A NAME="lbAF"> </A>
|
|
|
|
<H2>OPTIONS</H2>
|
|
|
|
|
|
|
|
<B><DL COMPACT>
|
|
|
|
<DT>-s </B><I><MBytes></I><DD>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2011-09-27 10:16:19 +00:00
|
|
|
When creating a tomb, this option MUST be used to specify the size of
|
2011-03-10 11:53:21 +00:00
|
|
|
the new <I>file</I> to be created, in megabytes.
|
|
|
|
<B><DT>-k </B><I><keyfile></I><DD>
|
|
|
|
|
|
|
|
|
|
|
|
When opening a tomb, this option can be used to specify the location
|
|
|
|
of the key to use. Keys are created with the same name of the tomb
|
|
|
|
file adding a '.gpg' suffix, but can be later renamed and transported
|
|
|
|
on other media. When a key is not found, the program asks to insert a
|
|
|
|
USB storage device and it will look for the key file inside it.
|
2011-09-27 10:16:19 +00:00
|
|
|
If <I><keyfile></I> is "-" (dash), it will read stdin
|
|
|
|
<DT><DD>
|
|
|
|
When creating a tomb, this option can be used to specify the name (and
|
|
|
|
location) of the key you are creating. For example, you could use
|
|
|
|
|
|
|
|
tomb create -s 100 tombname -k /media/usb/tombname
|
|
|
|
|
|
|
|
to put the key on a usb pendrive
|
|
|
|
<P>
|
2011-03-10 11:53:21 +00:00
|
|
|
<B><DT>-n<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Skip processing of post-hooks and bind-hooks if found inside the tomb.
|
|
|
|
See the <I>HOOKS</I> section in this manual for more information.
|
2011-09-27 10:16:19 +00:00
|
|
|
<B><DT>-o<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Manually specify mount options to be used when opening a tomb instead
|
|
|
|
of the default <I>rw,noatime,nodev</I>. This option can be used to
|
|
|
|
mount a tomb read-only (ro) to prevent any modification of its data,
|
|
|
|
or to experiment with other settings (if you really know what you are
|
|
|
|
doing) see the <A HREF="/cgi-bin/man/man2html?8+mount">mount</A>(8) man page.
|
|
|
|
<B><DT>--ignore-swap<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
By default, Tomb will abort any create and open operation if swap is used (see
|
|
|
|
SWAP section for details). This flag will disable this behaviour. NOTE: it is
|
|
|
|
not secure to do so, unless you know that your swap is encrypted
|
|
|
|
<P>
|
2011-03-10 11:53:21 +00:00
|
|
|
<B><DT>-h<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Display a help text and quit
|
|
|
|
<B><DT>-v<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Display version and quit
|
|
|
|
<B><DT>-q<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
Run more quietly
|
|
|
|
<DT>-D<DD>
|
|
|
|
Print more information while running, for debugging purposes
|
|
|
|
<P>
|
2011-09-27 10:16:19 +00:00
|
|
|
<P>
|
2011-03-10 11:53:21 +00:00
|
|
|
</DL>
|
|
|
|
<A NAME="lbAG"> </A>
|
|
|
|
<H2>HOOKS</H2>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
Hooks are special files that can be placed inside the tomb and trigger
|
|
|
|
actions when it is opened and closed; there are two kinds of such
|
|
|
|
files: <I>bind-hooks</I> and <I>post-hooks</I> can be placed in the
|
|
|
|
base root of the tomb.
|
|
|
|
<P>
|
|
|
|
<B><DL COMPACT>
|
|
|
|
<DT>bind-hooks<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
This hook file consists of a simple two column list of files or
|
|
|
|
directories inside the tomb to be made directly accessible inside the
|
|
|
|
current user's home directory. Tomb will use the "mount -o bind"
|
|
|
|
command to bind locations inside the tomb to locations found in $HOME
|
|
|
|
so in the first column are indicated paths relative to the tomb and in
|
|
|
|
the second column are indicated paths relative to $HOME contents, for
|
|
|
|
example:
|
|
|
|
<P>
|
|
|
|
<BR> mail mail
|
|
|
|
<BR> .gnupg .gnupg
|
|
|
|
<BR> .fmrc .fetchmailrc
|
|
|
|
<BR> .mozilla .mozilla
|
|
|
|
<P>
|
|
|
|
<B><DT>post-hooks<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
This hook file gets executed as user by tomb right after opening it;
|
|
|
|
it can consist of a shell script of a binary executable that performs
|
|
|
|
batch operations every time a tomb is opened.
|
|
|
|
<P>
|
|
|
|
</DL>
|
|
|
|
<A NAME="lbAH"> </A>
|
|
|
|
<H2>PRIVILEGE ESCALATION</H2>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
The tomb commandline tool needs to acquire super user rights to
|
|
|
|
execute most of its operations: to do so it uses <A HREF="/cgi-bin/man/man2html?8+sudo">sudo</A>(8), while
|
|
|
|
<A HREF="/cgi-bin/man/man2html?1+pinentry">pinentry</A>(1) is adopted to collect passwords from the user.
|
|
|
|
<P>
|
|
|
|
Tomb executes as super user only those commands requiring it, while it
|
|
|
|
executes desktop applications as processes owned by the user.
|
|
|
|
<P>
|
|
|
|
<A NAME="lbAI"> </A>
|
2011-09-27 10:16:19 +00:00
|
|
|
<H2>SWAP</H2>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
During "create" and "open" operation, swap will complain and <I>abort</I> if
|
|
|
|
your system has swap activated. This can be annoying, and you can disable this
|
|
|
|
behaviour using <I>--ignore-swap</I>. Before doing that, however, you may be
|
|
|
|
interested in knowing the risks of doing so:
|
|
|
|
<DL COMPACT>
|
|
|
|
<DT>•<DD>
|
|
|
|
During both creation and opening it could write your secret key on the disk
|
|
|
|
<DT>•<DD>
|
|
|
|
After having opened the tomb, an application you're using could swap file
|
|
|
|
contents. So you'll put file contents in clear on your disk
|
|
|
|
</DL>
|
|
|
|
<P>
|
2011-03-10 11:53:21 +00:00
|
|
|
|
|
|
|
<P>
|
2011-09-27 10:16:19 +00:00
|
|
|
If you don't need swap, execute <I> swapoff -a</I>. If you really need it, you
|
|
|
|
could encrypt it. Tomb doesn't detect if your swap is encrypted, and will
|
|
|
|
complain anyway. In that case, using --ignore-swap is safe. Otherwise, use
|
|
|
|
--ignore-swap at your own risk
|
|
|
|
<P>
|
|
|
|
<P>
|
2011-03-10 11:53:21 +00:00
|
|
|
<P>
|
|
|
|
<A NAME="lbAJ"> </A>
|
2011-09-27 10:16:19 +00:00
|
|
|
<H2>BUGS</H2>
|
|
|
|
|
|
|
|
Please report bugs on the tracker at
|
|
|
|
|
|
|
|
|
|
|
|
<P>
|
|
|
|
Get in touch with developers via mail using this
|
|
|
|
|
|
|
|
web page
|
|
|
|
|
|
|
|
or via chat on
|
|
|
|
|
|
|
|
|
|
|
|
<P>
|
|
|
|
<A NAME="lbAK"> </A>
|
2011-03-10 11:53:21 +00:00
|
|
|
<H2>AUTHORS</H2>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
Tomb is designed and written by Denis Roio aka Jaromil.
|
|
|
|
<P>
|
2011-09-27 10:16:19 +00:00
|
|
|
Tomb includes code by Hellekin O. Wolf, Anathema and Boyska.
|
|
|
|
<P>
|
2011-03-10 11:53:21 +00:00
|
|
|
Tomb's artwork is contributed by Jordi aka Mon Mort
|
|
|
|
<P>
|
2011-09-27 10:16:19 +00:00
|
|
|
Testing and reviews are contributed by Dreamer, Shining, Mancausoft,
|
|
|
|
Asbesto Molesto.
|
2011-03-10 11:53:21 +00:00
|
|
|
<P>
|
|
|
|
Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
|
|
|
|
<P>
|
2011-09-27 10:16:19 +00:00
|
|
|
<A NAME="lbAL"> </A>
|
2011-03-10 11:53:21 +00:00
|
|
|
<H2>COPYING</H2>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
This manual is Copyleft (c) 2011 Denis Roio <<I><A HREF="mailto:jaromil@dyne.org">jaromil@dyne.org</A></I>>
|
|
|
|
<P>
|
2011-09-27 10:16:19 +00:00
|
|
|
It includes contributions by Boyska
|
|
|
|
<P>
|
2011-03-10 11:53:21 +00:00
|
|
|
Permission is granted to copy, distribute and/or modify this manual
|
|
|
|
under the terms of the GNU Free Documentation License, Version 1.1 or
|
|
|
|
any later version published by the Free Software Foundation.
|
|
|
|
Permission is granted to make and distribute verbatim copies of this
|
|
|
|
manual page provided the above copyright notice and this permission
|
|
|
|
notice are preserved on all copies.
|
|
|
|
<P>
|
2011-09-27 10:16:19 +00:00
|
|
|
<A NAME="lbAM"> </A>
|
2011-03-10 11:53:21 +00:00
|
|
|
<H2>AVAILABILITY</H2>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
The most recent version of Tomb sourcecode and up to date
|
|
|
|
documentation is available for download from its website on
|
|
|
|
<I><A HREF="http://tomb.dyne.org">http://tomb.dyne.org</A></I>.
|
|
|
|
<P>
|
2011-09-27 10:16:19 +00:00
|
|
|
<A NAME="lbAN"> </A>
|
2011-03-10 11:53:21 +00:00
|
|
|
<H2>SEE ALSO</H2>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
<B><DL COMPACT>
|
|
|
|
<DT><A HREF="/cgi-bin/man/man2html?8+cryptsetup">cryptsetup</A>(8)<DD>
|
|
|
|
</B>
|
|
|
|
|
|
|
|
<P>
|
|
|
|
GnuPG website on <A HREF="http://www.gnupg.org">http://www.gnupg.org</A>
|
|
|
|
<P>
|
|
|
|
DM-Crypt website on <A HREF="http://www.saout.de/misc/dm-crypt">http://www.saout.de/misc/dm-crypt</A>
|
|
|
|
<P>
|
|
|
|
LUKS website, <A HREF="http://code.google.com/p/cryptsetup">http://code.google.com/p/cryptsetup</A>
|
|
|
|
<P>
|
|
|
|
</DL>
|
|
|
|
|
|
|
|
<HR>
|
|
|
|
<A NAME="index"> </A><H2>Index</H2>
|
|
|
|
<DL>
|
|
|
|
<DT><A HREF="#lbAB">NAME</A><DD>
|
|
|
|
<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
|
|
|
|
<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
|
|
|
|
<DT><A HREF="#lbAE">COMMANDS</A><DD>
|
|
|
|
<DT><A HREF="#lbAF">OPTIONS</A><DD>
|
|
|
|
<DT><A HREF="#lbAG">HOOKS</A><DD>
|
|
|
|
<DT><A HREF="#lbAH">PRIVILEGE ESCALATION</A><DD>
|
2011-09-27 10:16:19 +00:00
|
|
|
<DT><A HREF="#lbAI">SWAP</A><DD>
|
|
|
|
<DT><A HREF="#lbAJ">BUGS</A><DD>
|
|
|
|
<DT><A HREF="#lbAK">AUTHORS</A><DD>
|
|
|
|
<DT><A HREF="#lbAL">COPYING</A><DD>
|
|
|
|
<DT><A HREF="#lbAM">AVAILABILITY</A><DD>
|
|
|
|
<DT><A HREF="#lbAN">SEE ALSO</A><DD>
|
2011-03-10 11:53:21 +00:00
|
|
|
</DL>
|
|
|
|
<HR>
|
|
|
|
This document was created by
|
|
|
|
<A HREF="/cgi-bin/man/man2html">man2html</A>,
|
|
|
|
using the manual pages.<BR>
|
2011-09-27 10:16:19 +00:00
|
|
|
Time: 10:33:09 GMT, September 26, 2011
|
2011-03-10 11:53:21 +00:00
|
|
|
</BODY>
|
|
|
|
</HTML>
|