Tomb/README

70 lines
2.8 KiB
Plaintext
Raw Normal View History

..... ..
.H8888888h. ~-. . uW8"
888888888888x `> u. .. . : `t888
X~ `?888888hx~ ...ue888b .888: x888 x888. 8888 .
' x8.^"*88*" 888R Y888r ~`8888~'888X`?888f` 9888.z88N
`-:- X8888x 888R I888> X888 888X '888> 9888 888E
488888> 888R I888> X888 888X '888> 9888 888E
.. `"88* 888R I888> X888 888X '888> 9888 888E
x88888nX" . u8888cJ888 X888 888X '888> 9888 888E
!"*8888888n.. : "*888*P" "*88%""*88" '888!` .8888 888"
' "*88888888* 'Y" `~ " `"` `%888*%"
^"***"` "`
a simple commandline tool to manage encrypted storage v.1.2
2010-08-23 21:28:09 +02:00
http://tomb.dyne.org
2010-08-23 15:10:57 +02:00
Tomb aims to be a free and open source system for easy encryption and
backup of personal files, written in code that is easy to review and
links shared OS components.
2010-08-25 20:18:15 +02:00
At present time, Tomb consists of a simple shell script (Zsh) using
standard filesystem tools (GNU) and the cryptographic API of the Linux
kernel (cryptsetup and LUKS), plus a status tray application which
integrates in your desktop.
2010-08-23 15:10:57 +02:00
** Who needs Tomb
Our target community are desktop users with no time to click around,
sometimes using old or borrowed computers, operating in places
endangered by conflict where a leak of personal data can be a threat.
If you don't own a laptop then it's possible to go around with a USB
stick and borrow computers, still leaving no trace and keeping your
data safe during transports. Tomb aims to facilitate all this and to
be interoperable across popular GNU/Linux operating systems.
** How does it works
Tomb generates 'key files' and protects them with a password choosen
by the user; the key files are then used to encrypt loop-back mounted
partitions, like single files containing a filesystem inside: this way
keys can be separated from data for safer transports when required.
2010-08-23 15:10:57 +02:00
** Stage of development
Tomb is an evolution of the 'mknest' tool developed for the dyne:bolic
GNU/Linux distribution, which is used by its 'nesting' mechanism to
encrypt the Home directory of users.
As such, it uses well tested and reviewed routines and its shell code
is pretty readable. The name transition from 'mknest' to 'tomb' is
marked by the adaptation of mknest to work on the Debian operating
system and it has been used in production environments for the past 4
years.
2010-08-23 15:10:57 +02:00
** How can you help
Code is pretty short and readable: start looking around it and the
materials found in doc/ which are good pointers at security measures
to be further implemented.
Enthusiastic ideas are in the TODO file.
Donations are always welcome, see http://dyne.org/donate
More about who is currently involved in the AUTHORS file.