diff --git a/AUTHORS b/AUTHORS.md similarity index 100% rename from AUTHORS rename to AUTHORS.md diff --git a/ChangeLog b/ChangeLog deleted file mode 100644 index 42fd920..0000000 --- a/ChangeLog +++ /dev/null 
@@ -1,122 +0,0 @@ -February 2014 - 1.5.2 - - Removed automatic guessing of key file besides tomb to encourage - users to keep tomb and key separated, but also to simplify the - code in key retrieval and avoid a bug occurring in the previous - version. - -February 2014 - 1.5.1 - - Fix to stdin piping of keys, which were not correctly processed - nor were deleted from volatile memory (tmpfs). Version is now - updated accordingly. - -January 2014 - 1.5 - Minor bugfixes to documentation, error handling, support for - multiple and encrypted swap partitions and qr code engraving. - This release also includes some minor code refactoring of - load_key() and loop mount checks. Also the tray app is updated - to gtk-3 and works simply with a tomb name as argument. - Documentation was updated accordingly. - -June 2013 - 1.4 - - This release fixes an important bug affecting Tomb 1.3.* which - breaks backward compatibility with older tombs and invalidates - keys created using 1.3 or 1.3.1. For more information about it - read the file KNOWN_BUGS. New features are also included: - indexing and search of file contents, engraving of keys into paper - printable QRCodes for backup purposes and improvements in key - encryption. A setkey command is added to change the key file that - is locking a Tomb. This release restores backward compatibility - with tombs created before the 1.3 release series. - -June 2013 - 1.3.1 (DEPRECATED USAGE, see 1.4 and KNOWN_BUGS) - - Major bugfixes following the recent refactoring. This release - fixes various advanced commands as search/index, KDF key - protection against dictionary attacks and steganographic hiding of - keys. It provides compatibility across GnuPG 1.4.11 and .12 which - broke the decoding of keys. Usage of commandline option is made - consistent and full paths are honored. A new test suite is - included and documentation is updated accordingly. 
- -May 2013 - 1.3 (DEPRECATED USAGE, see 1.4 and KNOWN_BUGS) - - A refactoring of Tomb's main script internals was made, including - a new messaging system, machine parsable output, cleaner code and - updated compatibility to Debian 7. A new search feature lets users - index and run fast filename searches in their open tombs. Creation - of tombs is broken out in three steps (dig, forge and lock). - Source distribution includes experimental add-ons for a python - GUI, KDF key encryption and a key "undertaker". Documentation was - updated. - - -Nov 2011 - 1.2 - - Includes an Important fix to password parsing for spaces and - extended chars, plus a new 'passwd' command to change a key's - password. Tomb now checks for swap to avoid its usage (see SWAP - section in manpage) and warns the user when the tomb is almost - full. - -May 2011 - 1.1 - - Fixes to mime types, icons and desktop integration. A new 'list' - command provides an overview on all tombs currently open. Now a - tomb cannot be mounted multiple times, the message console has - colors and better messages. Different mount options (like - read-only) can also be specified by hand on the commandline. - -March 2011 - 1.0 - - Clean and stable. Now passwords are handled exclusively using - pinentry. Also support for steganography of keys (bury and exhume) - was added to the commandline. Commandline and desktop operations - are well separated so that tomb can be used via remote terminal. A - new command 'slam' immediately closes a tomb killing all processes - that keep it busy. - -February 2011 - 0.9.2 - - The tomb-open wizard now correctly guides you through the creation - of new tombs and helps when saving the keys on external USB - storage devices. The status tray now reliably closes its tomb. - -February 2011 - 0.9.1 - - Sourcecode cleanup, debugging and testing. - Integrated some feedback after filing Debian's ITP and RFS. 
- -January 2011 - 0.9 - - Tomb is now a desktop application following freedesktop standards: - it provides a status tray and integrates with file managers. The - main program has been thoroughly tested and many bugs were fixed. - -August 2010 - - The first usable version of Tomb goes public among hacker friends - -During the year 2009 - - Tomb has been extensively tested, perfectioned and documented - after being used by its author - -Sometime in 2007 - - mknest was refactored to work on the Debian distribution and since - then renamed to Tomb. dyne:bolic specific dependencies where - removed, keeping Zsh as the shell script it is written with. - -Back in 2005 - - The "nesting" feature of dyne:bolic GNU/Linux lets users encrypt - their home in a file, using a shell script and a graphical - interface called Taschino. - - Taschino included a shell script wrapping cryptsetup to encrypt - loopback mounted partitions with the algo AES-256 (cbc-essiv - mode): this script was called 'mkNest' and its the ancestor of - Tomb. diff --git a/ChangeLog.md b/ChangeLog.md new file mode 100644 index 0000000..42920a7 --- /dev/null +++ b/ChangeLog.md 
@@ -0,0 +1,154 @@ +# Tomb ChangeLog + +## 1.5.2 +### February 2014 + +Removed automatic guessing of key file besides tomb to encourage +users to keep tomb and key separated, but also to simplify the +code in key retrieval and avoid a bug occurring in the previous +version. + +## 1.5.1 +### February 2014 + +Fix to stdin piping of keys, which were not correctly processed +nor were deleted from volatile memory (tmpfs). + +Version is now updated accordingly. + +## 1.5 +### January 2014 + +Minor bugfixes to documentation, error handling, support for +multiple and encrypted swap partitions and qr code engraving. + +This release also includes some minor code refactoring of +load_key() and loop mount checks. Also the tray app is updated +to gtk-3 and works simply with a tomb name as argument. + +Documentation was updated accordingly. + +## 1.4 +### June 2013 + +This release fixes an important bug affecting Tomb 1.3.* which +breaks backward compatibility with older tombs and invalidates +keys created using 1.3 or 1.3.1. For more information about it +read the file KNOWN_BUGS. + +New features are also included: +indexing and search of file contents, engraving of keys into paper +printable QRCodes for backup purposes and improvements in key +encryption. A setkey command is added to change the key file that +is locking a Tomb. + +This release restores backward compatibility +with tombs created before the 1.3 release series. + +## 1.3.1 (DEPRECATED, see [KNOWN_BUGS](KNOWN_BUGS.md)) +### June 2013 + +Major bugfixes following the recent refactoring. + +This release fixes various advanced commands as search/index, KDF key +protection against dictionary attacks and steganographic hiding of +keys. It provides compatibility across GnuPG 1.4.11 and .12 which +broke the decoding of keys. Usage of commandline option is made +consistent and full paths are honored. + +A new test suite is included and documentation is updated accordingly. 
+ +## 1.3 (DEPRECATED, see [KNOWN_BUGS](KNOWN_BUGS.md)) +### May 2013 + +A refactoring of Tomb's main script internals was made, including +a new messaging system, machine parsable output, cleaner code and +updated compatibility to Debian 7. A new search feature lets users +index and run fast filename searches in their open tombs. Creation +of tombs is broken out in three steps (dig, forge and lock). + +Source distribution includes experimental add-ons for a python +GUI, KDF key encryption and a key "undertaker". Documentation was +updated. + + +## 1.2 +### Nov 2011 + +Includes an Important fix to password parsing for spaces and +extended chars, plus a new 'passwd' command to change a key's +password. Tomb now checks for swap to avoid its usage (see SWAP +section in manpage) and warns the user when the tomb is almost +full. + +## 1.1 +### May 2011 + +Fixes to mime types, icons and desktop integration. + +A new 'list' command provides an overview on all tombs currently open. + +Now a tomb cannot be mounted multiple times, the message console has +colors and better messages. + +Different mount options (like read-only) can also be specified by hand on the commandline. + +## 1.0 +### March 2011 + +Clean and stable. Now passwords are handled exclusively using +pinentry. Also support for steganography of keys (bury and exhume) +was added to the commandline. + +Commandline and desktop operations are well separated so that tomb can be used via remote terminal. + +A new command 'slam' immediately closes a tomb killing all processes that keep it busy. + +## 0.9.2 +### February 2011 + +The tomb-open wizard now correctly guides you through the creation +of new tombs and helps when saving the keys on external USB +storage devices. The status tray now reliably closes its tomb. + +## 0.9.1 +### February 2011 + +Sourcecode cleanup, debugging and testing. + +Integrated some feedback after filing Debian's ITP and RFS. 
+ +## 0.9 +### January 2011 + +Tomb is now a desktop application following freedesktop standards: +it provides a status tray and integrates with file managers. + +The main program has been thoroughly tested and many bugs were fixed. + +## August 2010 + +The first usable version of Tomb goes public among hacker friends + +## During the year 2009 + +Tomb has been extensively tested, perfectioned and documented +after being used by its author. + +## Sometime in 2007 + +[MKNest](http://code.dyne.org/dynebolic/tree/dyneII/startup/bin/mknest) +was refactored to work on the Debian distribution and since +then renamed to Tomb. [dyne:bolic](http://www.dynebolic.org) specific dependencies where +removed, keeping Zsh as the shell script it is written with. + +## Back in 2005 + +The "nesting" feature of [dyne:bolic](http://www.dynebolic.org) +GNU/Linux lets users encrypt their home in a file, using a shell script and a graphical +interface called Taschino. + +Taschino included a shell script wrapping cryptsetup to encrypt +loopback mounted partitions with the algo AES-256 (cbc-essiv +mode): this script was called 'mkNest' and its the ancestor of +Tomb. diff --git a/INSTALL.md b/INSTALL.md new file mode 100644 index 0000000..ddae231 --- /dev/null +++ b/INSTALL.md 
@@ -0,0 +1,65 @@ + +# TOMB INSTALLATION INSTRUCTIONS + +## Install required tools + +Tomb needs a few programs to be installed on a system in order to work: + + * zsh + * gnupg + * cryptsetup + * pinentry-curses (or -gtk or -qt as you prefer) + +Most systems provide these tools in their package collection, +for instance on Debian/Ubuntu one can use 'apt-get install' +on Fedora and CentOS one can use 'yum install' + +## Install Tomb + +To install Tomb simply download the source distribution (the tar.gz file) +and decompress it. From a terminal: + + cd Downloads + tar xvfz Tomb-1.5.3.tar.gz (correct with actual file name) + +Then enter its directory and run 'make install' as root, this will install +Tomb into /usr/local: + + cd Tomb-1.5.3 (correct with actual directory name) + sudo make install + +After installation one can read the commandline help or read the manual: + + tomb -h (print a short help on the commandline) + man tomb (show the full usage manual) + +At this point one can proceed creating a tomb, for instance: + + tomb dig -s 1000 secrets.tomb (be patient and wait a bit) + tomb forge -k secrets.tomb.key (be patient and follow instructions) + tomb lock -k secrets.tomb.key secrets.tomb + +## Install optional tools + +Tomb can use some optional tools to extend its functionalities: + +executable | function +---------- | --------------------------------------------------- + dcfldd | show progress while executing long operations + steghide | bury and exhume keys inside images + resizefs | extend the size of existing tomb volumes + qrencode | engrave keys into printable qrcode tags + mlocate | have fast search of file names inside tombs + swish++ | have fast search of file contents inside tombs + unoconv | have fast search of contents in PDF and DOC files + +As for requirements, also optional tools may be easy to install using +the packages provided by each distribution. + +Once any of the above is installed Tomb will find the tool automatically. 
+ +## Install Tomb extras + +Tomb comes with a bunch of extra tools that contribute to enhance its +functionality or integrate it into particular system environments. + diff --git a/KNOWN_BUGS b/KNOWN_BUGS.md similarity index 100% rename from KNOWN_BUGS rename to KNOWN_BUGS.md diff --git a/README b/README.md similarity index 69% rename from README rename to README.md index 366ba34..290587a 100644 --- a/README +++ b/README.md @@ -1,21 +1,24 @@ - ..... .. - .H8888888h. ~-. . uW8" - 888888888888x `> u. .. . : `t888 -X~ `?888888hx~ ...ue888b .888: x888 x888. 8888 . -' x8.^"*88*" 888R Y888r ~`8888~'888X`?888f` 9888.z88N - `-:- X8888x 888R I888> X888 888X '888> 9888 888E - 488888> 888R I888> X888 888X '888> 9888 888E - .. `"88* 888R I888> X888 888X '888> 9888 888E - x88888nX" . u8888cJ888 X888 888X '888> 9888 888E - !"*8888888n.. : "*888*P" "*88%""*88" '888!` .8888 888" -' "*88888888* 'Y" `~ " `"` `%888*%" - ^"***"` "` + ..... .. + .H8888888h. ~-. . uW8" + 888888888888x `> u. .. . : `t888 + X~ `?888888hx~ ...ue888b .888: x888 x888. 8888 . + ' x8.^"*88*" 888R Y888r ~`8888~'888X`?888f` 9888.z88N + `-:- X8888x 888R I888> X888 888X '888> 9888 888E + 488888> 888R I888> X888 888X '888> 9888 888E + .. `"88* 888R I888> X888 888X '888> 9888 888E + x88888nX" . u8888cJ888 X888 888X '888> 9888 888E + !"*8888888n.. : "*888*P" "*88%""*88" '888!` .8888 888" + ' "*88888888* 'Y" `~ " `"` `%888*%" + ^"***"` "` -A minimalistic commandline tool to manage encrypted volumes v1.5.2 +*A minimalistic commandline tool to manage encrypted volumes* - http://dyne.org/software/tomb +Latest version: **1.5.3** +http://dyne.org/software/tomb + +# What is Tomb, the crypto undertaker Tomb aims to be a free and open source system for easy encryption and backup of personal files, written in code that is easy to review and 
@@ -26,7 +29,9 @@ standard filesystem tools (GNU) and the cryptographic API of the Linux kernel (cryptsetup and LUKS). Tomb can also produce machine parsable output to facilitate its use inside graphical applications. -** How does it works +# How does it works + +For the instructions on how to get started using Tomb, see [INSTALL](INSTALL.md). This tool can be used to dig .tomb files (Luks volumes), forge keys protected by a password (GnuPG symmetric encryption) and use the keys @@ -47,7 +52,7 @@ facilitating the storage of backup keys using image steganography, listing open tombs and selectively closing them, warning the user about their size and last time they were used, etc. -** How secure is this? +# How secure is this? Death is the only sure thing in life. Said that, Tomb is a pretty secure tool especially because it keeps minimal, its source is always @@ -62,7 +67,7 @@ usability. The code of Tomb can be read in a literate programming style on http://tomb.dyne.org/literate -** Stage of development +# Stage of development Tomb is an evolution of the 'mknest' tool developed for the dyne:bolic GNU/Linux distribution, which is used by its 'nesting' mechanism to @@ -74,10 +79,10 @@ As of today, Tomb is a well stable tool also used in mission critical situations by a number of activists in endangered zones. It has been reviewed by forensics analysts and it can be considered to be safe for military grade use, where the integrity of informations stored depend -from the user's behaviour and the strenght of a standard AES256 -CBC-ESSIV encryption algorithm. +from the user's behaviour and the strenght of a standard AES-256 +(XTS plain) encryption algorithm. -** How can you help +# How can you help Donations are always welcome, see https://dyne.org/donate 
@@ -90,7 +95,7 @@ For the bleeding edge visit https://github.com/dyne/Tomb Tomb's developers can be contacted via the "crypto" mailinglist on http://lists.dyne.org or via IRC on https://irc.dyne.org channel #dyne -Some enthusiastic ideas are in the TODO file. +Some enthusiastic ideas are in the [TODO](doc/TODO.org) file. -Information on developers involved is found in the AUTHORS file. +Information on developers involved is found in the [AUTHORS](AUTHORS.md) file. diff --git a/doc/TODO.org b/doc/TODO.org index 1371b0a..aff2ad7 100644 --- a/doc/TODO.org +++ b/doc/TODO.org 
@@ -7,6 +7,47 @@ Issue tracking is now handled via GitHub, see http://github.com/dyne/Tomb Old roadmap notes: + + +* TODO Release 2.0 :00%: + +Must be 100% backward compatible with tombs created with 1.0 + + +** New features +*** [#A] support for ZFS filesystem (revisioning, bitrot) +*** [#A] support for partition-based tombs +*** [#B] system to split keys in parts (ssss) +*** [#A] udev rules to avoid usb automount of keyplug in gnome +*** [#B] sign and verify tomb script integrity (executed as root) +*** TODO [#B] Internationalization using gettext :jaromil: + + Started generating the strings, still need to figure out how to + install it + +*** [#B] make a gnome tomb undertaker using gnome-druid in glade +*** DONE [#B] tomb locksmith for key management + a graphical tool or text wizard to move keys in/out steganography + as well split them + +*** DONE [#B] transport keys and integrity checksums on qrcodes +*** [#B] analyse and show tomb entropy using libdisorder +*** [#B] indeep security analysis of possible vulnerabilities +*** [#C] use inotify on tomb + + inotify can also count when was the last time tomb was used and + unmount it automatically after a timeout, see how much free space + is left and warn when the space is almost finished +*** [#C] more gtk dialogs for configurations? keep it minimal! + + +* Notes from #CybRes + +*** mlocall per swap )vecna) rompigli il caz su github +*** steganografia migliore con outguess? (vecna) +*** velocita' creazione : fallocate -l 10G (scuall8907@gm) + + * DONE Release 1.0 :100%: ** TODO [#C] make one single status handle more tombs 
@@ -56,41 +97,6 @@ Old roadmap notes: ** DONE [#A] Should refuse opening a tomb that is already open :jaromil: - -* TODO Release 2.0 :00%: - -Must be 100% backward compatible with tombs created with 1.0 - -** New features - -*** [#A] system to split keys in parts (ssss) -*** [#A] use inotify on tomb - - inotify can also count when was the last time tomb was used and - unmount it automatically after a timeout, see how much free space - is left and warn when the space is almost finished - -*** [#A] udev rules to avoid usb automount of keyplug in gnome - -*** [#A] sign and verify tomb script integrity (executed as root) -*** TODO [#B] Internationalization using gettext :jaromil: - - Started generating the strings, still need to figure out how to - install it - -*** [#B] make a gnome tomb undertaker using gnome-druid in glade -*** [#B] tomb locksmith for key management - a graphical tool or text wizard to move keys in/out steganography - as well split them - -*** [#B] transport keys and integrity checksums on qrcodes - -*** [#B] analyse and show tomb entropy using libdisorder - -*** [#B] indeep security analysis of possible vulnerabilities -*** [#C] more gtk dialogs for configurations? keep it minimal! - - * TODO Porting to Win$loth using FReeOTFE http://www.freeotfe.org
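Review bot: ChangeLog is recorded as a full deletion plus a brand-new ChangeLog.md (hunks `@@ -1,122 +0,0 @@` and `@@ -0,0 +1,154 @@`), whereas AUTHORS, KNOWN_BUGS and README are recorded as renames; because every paragraph was re-flowed in the same commit, git cannot pair the two files and `git log --follow ChangeLog.md` will stop at this commit. A `git mv ChangeLog ChangeLog.md` commit followed by a separate formatting commit keeps the history traceable.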
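Review bot: in the ChangeLog.md hunk, the 1.4 entry still reads `read the file KNOWN_BUGS` although this same patch renames that file to KNOWN_BUGS.md; link it as the 1.3 and 1.3.1 headings already do: `read the file [KNOWN_BUGS](KNOWN_BUGS.md).` The text carried over from the old ChangeLog keeps its typos, and a rewrite is the moment to fix them: "perfectioned" (perfected), "dependencies where removed" (were), "its the ancestor" (it's), "an Important fix" (important). The newest entry here is 1.5.2, while README.md in this patch announces `Latest version: **1.5.3**`; add a 1.5.3 entry or the two files disagree.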
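Review bot: in the INSTALL.md hunk, the optional-tools table lists `resizefs`, which is not the name of a real executable; the e2fsprogs program that grows an ext filesystem is `resize2fs`, so either correct the row or verify which binary the script actually probes for before documenting it. The "Install Tomb extras" section ends after its introductory sentence with no list of extras and reads as unfinished; either enumerate the tools shipped as extras or leave the heading out until the list exists. Minor: "for instance on Debian/Ubuntu one can use 'apt-get install' on Fedora and CentOS one can use 'yum install'" needs a break between its two clauses.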
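Review bot: the README.md hunk `@@ -26,7 +29,9 @@` rewrites the heading but keeps its grammatical error: `+# How does it works` should be `# How does it work`. In the first README hunk the ASCII logo contains backticks, asterisks and underscores that Markdown treats as inline code and emphasis; check that every logo line is indented by at least four spaces (or that the logo sits in a fenced block) so it renders verbatim, because the one-space shift the hunk applies does not by itself guarantee that.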
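Review bot: the README.md hunk `@@ -74,10 +79,10 @@` changes the cipher description from "AES256 CBC-ESSIV" to "AES-256 (XTS plain)" inside a commit that otherwise only renames and reformats documentation; that is a substantive claim about the options passed to cryptsetup, so confirm it matches what the script currently does and state the reason in the commit message (ChangeLog.md's cbc-essiv mention for mkNest is historical and can stay). While the line is being touched anyway, fix "strenght" to "strength" and "the integrity of informations stored depend from the user's behaviour" to "the integrity of the information stored depends on the user's behaviour".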
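Review bot: the two doc/TODO.org hunks do more than move the "Release 2.0" block above "Release 1.0", and the commit message should say so: "system to split keys in parts (ssss)" drops from [#A] to [#B], "use inotify on tomb" from [#A] to [#C], "sign and verify tomb script integrity (executed as root)" from [#A] to [#B], "tomb locksmith for key management" and "transport keys and integrity checksums on qrcodes" are marked DONE, and two new [#A] items (ZFS support, partition-based tombs) appear. The lowered priority of the script-integrity item deserves an explicit justification, since the script runs as root. The new "Notes from #CybRes" section places `***` level-3 headlines directly under a `*` level-1 headline with no `**` level between, its first note has an unbalanced parenthesis in `*** mlocall per swap )vecna) rompigli il caz su github`, and the three notes are in Italian while the rest of the file is in English.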