diff --git a/doc/Makefile.am b/doc/Makefile.am index fd132d2..3ab5da6 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,5 +1,5 @@ -man_MANS = tomb.1 +man_MANS = tomb.1 tomb-open.1 tomb-status.1 EXTRA_DIST = Luks_on_disk_format.pdf New_methods_in_HD_encryption.pdf TKS1-draft.pdf diff --git a/doc/tomb-askpass.1 b/doc/tomb-askpass.1 deleted file mode 120000 index 88299c4..0000000 --- a/doc/tomb-askpass.1 +++ /dev/null @@ -1 +0,0 @@ -tomb.1 \ No newline at end of file diff --git a/doc/tomb-open.1 b/doc/tomb-open.1 deleted file mode 120000 index 88299c4..0000000 --- a/doc/tomb-open.1 +++ /dev/null @@ -1 +0,0 @@ -tomb.1 \ No newline at end of file diff --git a/doc/tomb-open.1 b/doc/tomb-open.1 new file mode 100644 index 0000000..9455fbf --- /dev/null +++ b/doc/tomb-open.1 @@ -0,0 +1,183 @@ +.TH tomb 1 "February 12, 2011" "tomb" + +.SH NAME +Tomb \- the Crypto Undertaker + +.SH SYNOPSIS +.B +.IP "tomb [options] command [arguments]" +.B +.IP "tomb-open [file]" +.B +.IP "tomb-status mountpoint" + +.SH DESCRIPTION + +Tomb is an application to manage the creation and access of encrypted +storage files: it can be operated from commandline and it can +integrate with a user's graphical desktop. + +Tomb generates encrypted storage files to be opened and closed using +their associated keys, which are also protected with a password chosen +by the user. To create, open and close tombs a user will need super +user rights to execute the tomb commandline utility. + +A tomb is like a locked folder that can be safely transported and +hidden in a filesystem; it encourages users to keep their keys +separate from tombs, for instance keeping a tomb file on your computer +harddisk and its key file on a USB stick. + +For simplified use, the command \fItomb-open\fR starts a wizard that +guides users in the creation of a new tomb or, if a tomb file is +specified as \fIargument\fR, it opens it and makes it accessible in a +default location under the /media folder, starting the status tray +applet (\fItomb-status\fR) if a desktop is present. + + +.SH COMMANDS + +.B +.IP "create" +Creates a new encrypted storage tomb and its key, named as specified +by the given \fIargument\fR. + +.B +.IP "open" +Opens an existing tomb file specified in the \fIfirst argument\fR. If +a \fIsecond argument\fR is given it will indicate the \fImountpoint\fR +where the tomb should be made accessible, if not then the tomb is +mounted in a directory named after the filename and inside /media. + +.B +.IP "close" +Closes a currently open tomb. When \fIan argument\fR is specified, it +should point to the tomb mount on /dev/mapper; if not specified and +only one tomb is open then it will be closed; if multiple tombs are +open, the command will list them on the terminal. The special +\fIargument\fR 'all' will close all currently open tombs. + +.B +.IP "bury" +Hides a tomb key (\fIfirst argument\fR) inside a jpeg image (\fIsecond +argument\fR) using steganography: the image will change in a way that +cannot be noticed by human eyes and the presence of the key inside it +isn't detectable without the right password. This option is useful to +backup tomb keys in unsuspected places; it uses steghide and the +serpent encryption algorithm. + +.B +.IP "exhume" +Extracts a named tomb key (\fIfirst argument\fR) from a (jpeg) image file +(\fIsecond argument\fR) known to be containing it, if the right password is +given. This is used to recoved buried keys from unsuspected places. + +.SH OPTIONS +.B +.B +.IP "-s \fI\fR" +When creating a tomb, this option must be used to specify the size of +the new \fIfile\fR to be created, in megabytes. +.B +.IP "-k \fI\fR" +When opening a tomb, this option can be used to specify the location +of the key to use. Keys are created with the same name of the tomb +file adding a '.gpg' suffix, but can be later renamed and transported +on other media. When a key is not found, the program asks to insert a +USB storage device and it will look for the key file inside it. +.B +.IP "-n" +Skip processing of post-hooks and bind-hooks if found inside the tomb. +See the \fIHOOKS\fR section in this manual for more information. +.B +.IP "-h" +Display a help text and quit +.B +.IP "-v" +Display version and quit +.B +.IP "-q" +Run more quietly +.IP "-D" +Print more information while running, for debugging purposes + +.SH HOOKS + +Hooks are special files that can be placed inside the tomb and trigger +actions when it is opened and closed; there are two kinds of such +files: \fIbind-hooks\fR and \fIpost-hooks\fR can be placed in the +base root of the tomb. + +.B +.IP "bind-hooks" +This hook file consists of a simple two column list of files or +directories inside the tomb to be made directly accessible inside the +current user's home directory. Tomb will use the "mount \-o bind" +command to bind locations inside the tomb to locations found in $HOME +so in the first column are indicated paths relative to the tomb and in +the second column are indicated paths relative to $HOME contents, for +example: + + mail mail + .gnupg .gnupg + .fmrc .fetchmailrc + .mozilla .mozilla + +.B +.IP "post-hooks" +This hook file gets executed as user by tomb right after opening it; +it can consist of a shell script of a binary executable that performs +batch operations every time a tomb is opened. + +.SH PRIVILEGE ESCALATION + +The tomb commandline tool needs to acquire super user rights to +execute most of its operations: to do so it uses sudo(8), while +pinentry(1) is adopted to collect passwords from the user. + +Tomb executes as super user only those commands requiring it, while it +executes desktop applications as processes owned by the user. + + +.SH BUGS +Please report bugs on the tracker at http://bugs.dyne.org + +Get in touch with developers via mail using this web page +http://dyne.org/contact or via chat on http://irc.dyne.org + +.SH AUTHORS + +Tomb is designed and written by Denis Roio aka Jaromil. + +Tomb's artwork is contributed by Jordi aka Mon Mort + +Testing and fixes are contributed by Dreamer and Hellekin O. Wolf + +Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth + +.SH COPYING + +This manual is Copyleft (c) 2011 Denis Roio <\fIjaromil@dyne.org\fR> + +Permission is granted to copy, distribute and/or modify this manual +under the terms of the GNU Free Documentation License, Version 1.1 or +any later version published by the Free Software Foundation. +Permission is granted to make and distribute verbatim copies of this +manual page provided the above copyright notice and this permission +notice are preserved on all copies. + +.SH AVAILABILITY + +The most recent version of Tomb sourcecode and up to date +documentation is available for download from its website on +\fIhttp://tomb.dyne.org\fR. + +.SH SEE ALSO + +.B +.IP cryptsetup(8) + +GnuPG website on http://www.gnupg.org + +DM-Crypt website on http://www.saout.de/misc/dm-crypt + +LUKS website, http://code.google.com/p/cryptsetup diff --git a/doc/tomb-status.1 b/doc/tomb-status.1 deleted file mode 120000 index 88299c4..0000000 --- a/doc/tomb-status.1 +++ /dev/null @@ -1 +0,0 @@ -tomb.1 \ No newline at end of file diff --git a/doc/tomb-status.1 b/doc/tomb-status.1 new file mode 100644 index 0000000..9455fbf --- /dev/null +++ b/doc/tomb-status.1 @@ -0,0 +1,183 @@ +.TH tomb 1 "February 12, 2011" "tomb" + +.SH NAME +Tomb \- the Crypto Undertaker + +.SH SYNOPSIS +.B +.IP "tomb [options] command [arguments]" +.B +.IP "tomb-open [file]" +.B +.IP "tomb-status mountpoint" + +.SH DESCRIPTION + +Tomb is an application to manage the creation and access of encrypted +storage files: it can be operated from commandline and it can +integrate with a user's graphical desktop. + +Tomb generates encrypted storage files to be opened and closed using +their associated keys, which are also protected with a password chosen +by the user. To create, open and close tombs a user will need super +user rights to execute the tomb commandline utility. + +A tomb is like a locked folder that can be safely transported and +hidden in a filesystem; it encourages users to keep their keys +separate from tombs, for instance keeping a tomb file on your computer +harddisk and its key file on a USB stick. + +For simplified use, the command \fItomb-open\fR starts a wizard that +guides users in the creation of a new tomb or, if a tomb file is +specified as \fIargument\fR, it opens it and makes it accessible in a +default location under the /media folder, starting the status tray +applet (\fItomb-status\fR) if a desktop is present. + + +.SH COMMANDS + +.B +.IP "create" +Creates a new encrypted storage tomb and its key, named as specified +by the given \fIargument\fR. + +.B +.IP "open" +Opens an existing tomb file specified in the \fIfirst argument\fR. If +a \fIsecond argument\fR is given it will indicate the \fImountpoint\fR +where the tomb should be made accessible, if not then the tomb is +mounted in a directory named after the filename and inside /media. + +.B +.IP "close" +Closes a currently open tomb. When \fIan argument\fR is specified, it +should point to the tomb mount on /dev/mapper; if not specified and +only one tomb is open then it will be closed; if multiple tombs are +open, the command will list them on the terminal. The special +\fIargument\fR 'all' will close all currently open tombs. + +.B +.IP "bury" +Hides a tomb key (\fIfirst argument\fR) inside a jpeg image (\fIsecond +argument\fR) using steganography: the image will change in a way that +cannot be noticed by human eyes and the presence of the key inside it +isn't detectable without the right password. This option is useful to +backup tomb keys in unsuspected places; it uses steghide and the +serpent encryption algorithm. + +.B +.IP "exhume" +Extracts a named tomb key (\fIfirst argument\fR) from a (jpeg) image file +(\fIsecond argument\fR) known to be containing it, if the right password is +given. This is used to recoved buried keys from unsuspected places. + +.SH OPTIONS +.B +.B +.IP "-s \fI\fR" +When creating a tomb, this option must be used to specify the size of +the new \fIfile\fR to be created, in megabytes. +.B +.IP "-k \fI\fR" +When opening a tomb, this option can be used to specify the location +of the key to use. Keys are created with the same name of the tomb +file adding a '.gpg' suffix, but can be later renamed and transported +on other media. When a key is not found, the program asks to insert a +USB storage device and it will look for the key file inside it. +.B +.IP "-n" +Skip processing of post-hooks and bind-hooks if found inside the tomb. +See the \fIHOOKS\fR section in this manual for more information. +.B +.IP "-h" +Display a help text and quit +.B +.IP "-v" +Display version and quit +.B +.IP "-q" +Run more quietly +.IP "-D" +Print more information while running, for debugging purposes + +.SH HOOKS + +Hooks are special files that can be placed inside the tomb and trigger +actions when it is opened and closed; there are two kinds of such +files: \fIbind-hooks\fR and \fIpost-hooks\fR can be placed in the +base root of the tomb. + +.B +.IP "bind-hooks" +This hook file consists of a simple two column list of files or +directories inside the tomb to be made directly accessible inside the +current user's home directory. Tomb will use the "mount \-o bind" +command to bind locations inside the tomb to locations found in $HOME +so in the first column are indicated paths relative to the tomb and in +the second column are indicated paths relative to $HOME contents, for +example: + + mail mail + .gnupg .gnupg + .fmrc .fetchmailrc + .mozilla .mozilla + +.B +.IP "post-hooks" +This hook file gets executed as user by tomb right after opening it; +it can consist of a shell script of a binary executable that performs +batch operations every time a tomb is opened. + +.SH PRIVILEGE ESCALATION + +The tomb commandline tool needs to acquire super user rights to +execute most of its operations: to do so it uses sudo(8), while +pinentry(1) is adopted to collect passwords from the user. + +Tomb executes as super user only those commands requiring it, while it +executes desktop applications as processes owned by the user. + + +.SH BUGS +Please report bugs on the tracker at http://bugs.dyne.org + +Get in touch with developers via mail using this web page +http://dyne.org/contact or via chat on http://irc.dyne.org + +.SH AUTHORS + +Tomb is designed and written by Denis Roio aka Jaromil. + +Tomb's artwork is contributed by Jordi aka Mon Mort + +Testing and fixes are contributed by Dreamer and Hellekin O. Wolf + +Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth + +.SH COPYING + +This manual is Copyleft (c) 2011 Denis Roio <\fIjaromil@dyne.org\fR> + +Permission is granted to copy, distribute and/or modify this manual +under the terms of the GNU Free Documentation License, Version 1.1 or +any later version published by the Free Software Foundation. +Permission is granted to make and distribute verbatim copies of this +manual page provided the above copyright notice and this permission +notice are preserved on all copies. + +.SH AVAILABILITY + +The most recent version of Tomb sourcecode and up to date +documentation is available for download from its website on +\fIhttp://tomb.dyne.org\fR. + +.SH SEE ALSO + +.B +.IP cryptsetup(8) + +GnuPG website on http://www.gnupg.org + +DM-Crypt website on http://www.saout.de/misc/dm-crypt + +LUKS website, http://code.google.com/p/cryptsetup