en/decode steganographic commands are renamed to bury and exhume

documentation updates reflect new features, manpage now refers to arguments of different nature
Jaromil 2011-02-12 17:54:53 +01:00
parent 5ec08459cb
commit eea175b4a7
3 changed files with 49 additions and 30 deletions


@ -3,7 +3,7 @@ TODO and Roadmap for Tomb
you are welcome to send patches to jaromil@dyne.org you are welcome to send patches to jaromil@dyne.org
* TODO Release 1.0 :85%: * TODO Release 1.0 :90%:
** [#A] fix operation without DISPLAY (over SSH) :hellekin: ** [#A] fix operation without DISPLAY (over SSH) :hellekin:
** TODO [#A] SLAM tomb and kill all applications using it ** TODO [#A] SLAM tomb and kill all applications using it
@ -13,13 +13,7 @@ you are welcome to send patches to jaromil@dyne.org
now tomb-dialog or something like that would be useful it askpass now tomb-dialog or something like that would be useful it askpass
and dialog might melt together into one binary later. and dialog might melt together into one binary later.
** [#A] incremental backup system using bup :jaromil:
** TODO [#A] steganography to store tomb key
steghide can hide keys in JPG, BMP, WAV or AU files it also takes
care of compressing end encrypting the key file so we don't
necessarily need gpg... it has Serpent and AES256 (CBC)
** [#B] incremental backup system using bup :jaromil:
tombs are modifed only where needed so file changes are local to tombs are modifed only where needed so file changes are local to
the file segment where data is stored. i've tested this idea and it the file segment where data is stored. i've tested this idea and it
@ -29,6 +23,12 @@ you are welcome to send patches to jaromil@dyne.org
** TODO [#C] make one single status handle more tombs ** TODO [#C] make one single status handle more tombs
** TODO [#C] decorate creation wizard with ASCII art ** TODO [#C] decorate creation wizard with ASCII art
** DONE [#A] steganography to store tomb key :jaromil:
steghide can hide keys in JPG, BMP, WAV or AU files it also takes
care of compressing end encrypting the key file so we don't
necessarily need gpg... it has Serpent and AES256 (CBC)
** DONE [#A] use a posix thread instead of fork for status close :jaromil: ** DONE [#A] use a posix thread instead of fork for status close :jaromil:
** DONE [#A] use a config file to map bind mounts :jaromil: ** DONE [#A] use a config file to map bind mounts :jaromil:
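Review bot: the relocated DONE entry still reads "compressing end encrypting the key file"; since these lines are re-added by the move anyway, correct it to "compressing and encrypting". The entry could also name the resulting commands (bury, exhume) so the roadmap and the manpage use the same vocabulary.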


@ -1,11 +1,11 @@
.TH tomb 1 "February 6, 2011" "tomb" .TH tomb 1 "February 12, 2011" "tomb"
.SH NAME .SH NAME
Tomb \- the Crypto Undertaker Tomb \- the Crypto Undertaker
.SH SYNOPSIS .SH SYNOPSIS
.B .B
.IP "tomb [options] command [file] [mountpoint]" .IP "tomb [options] command [arguments]"
.B .B
.IP "tomb-open [file]" .IP "tomb-open [file]"
.B .B
@ -29,14 +29,11 @@ hidden in a filesystem; it encourages users to keep their keys
separate from tombs, for instance keeping a tomb file on your computer separate from tombs, for instance keeping a tomb file on your computer
harddisk and its key file on a USB stick. harddisk and its key file on a USB stick.
When used from commandline, \fIfile\fR is the name of the tomb to be For simplified use, the command \fItomb-open\fR starts a wizard that
created or opened, while \fImountpoint\fR is an existing directory guides users in the creation of a new tomb or, if an \fIargument\fR is
where its contents should be made accessible. specified, opens a the tomb file pointed by it and makes it accessible
in a default location under the /media folder, starting the status
For simplified use, the command \fItomb-open\fR can be used to start a tray icon if a desktop is present.
wizard that guides users in the creation of a new tomb or, if the
\fIfile\fR argument is specified, to open a tomb and make it
accessible in a default location under the /media folder.
The other commands \fItomb-status\fR and \fItomb-askpass\fR are for The other commands \fItomb-status\fR and \fItomb-askpass\fR are for
internal use (they are called by tomb with the right arguments) and internal use (they are called by tomb with the right arguments) and
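Review bot: typo in the rewritten tomb-open paragraph, "opens a the tomb file pointed by it" should read "opens the tomb file it points to". The sentence is also long enough that the tray icon clause is easy to misread; splitting it after "/media folder" would help.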
@ -45,20 +42,41 @@ interface.
.SH COMMANDS .SH COMMANDS
.B .B
.IP "create" .IP "create"
Create a new encrypted storage \fIfile\fR and its keys Creates a new encrypted storage tomb and its key, named as specified
by the given \fIargument\fR.
.B .B
.IP "open" .IP "open"
Opens an existing tomb \fIfile\fR. The \fImountpoint\fR where the tomb Opens an existing tomb file specified in the \fIfirst argument\fR. If
will be made accessible can be specified, if not the default is to a \fIsecond argument\fR is given it will indicate the \fImountpoint\fR
create a directory named like the tomb inside /media. where the tomb should be made accessible, if not then the tomb is
mounted in a directory named after the filename and inside /media.
.B .B
.IP "close" .IP "close"
Closes a currently open tomb. When \fIfile\fR is specified, it should Closes a currently open tomb. When \fIan argument\fR is specified, it
point to the /dev/mapper name used to mount the tomb; if \fIfile\fR is should point to the tomb mount on /dev/mapper; if not specified and
not specified and only one tomb is open, then it will be closed; if only one tomb is open then it will be closed; if multiple tombs are
multiple tombs are open, the command will list them on the terminal. open, the command will list them on the terminal. The special
\fIargument\fR 'all' will close all currently open tombs.
.B
.IP "bury"
Hides a tomb key (\fIfirst argument\fR) inside a jpeg image (\fIsecond
argument\fR) using steganography: the image will change in a way that
cannot be noticed by human eyes and the presence of the key inside it
isn't detectable without the right password. This option is useful to
backup tomb keys in unsuspected places; it uses steghide and the
serpent encryption algorithm.
.B
.IP "exhume"
Extracts a named tomb key (\fIfirst argument\fR) from a (jpeg) image file
(\fIsecond argument\fR) known to be containing it, if the right password is
given. This is used to recoved buried keys from unsuspected places.
.SH OPTIONS .SH OPTIONS
.B .B
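Review bot: in the bury entry, "the presence of the key inside it isn't detectable without the right password" is an absolute guarantee that the manpage cannot back up; the password protects the embedded key, but whether the image can be flagged as a carrier depends on steghide's embedding and on the cover image. Suggest softer wording such as "is not apparent on inspection", and a line saying whether the image is modified in place. In the exhume entry, "recoved" should be "recovered".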


@ -283,8 +283,9 @@ while true; do
act "create create a new encrypted storage FILE and keys" act "create create a new encrypted storage FILE and keys"
act "open open an existing tomb FILE on MOUNTPOINT" act "open open an existing tomb FILE on MOUNTPOINT"
act "close closes the tomb on MOUNTPOINT" act "close closes the tomb on MOUNTPOINT"
act "decode read a hidden tomb key from a JPEG image" act "bury hide a tomb key inside an jpeg image"
act "encode hide the tomb key inside a JPEG image" act "exhume extract an hidden tomb key from a jpeg image"
act "" act ""
notice "Options:" notice "Options:"
act "-s size of the storage file when creating one (MB)" act "-s size of the storage file when creating one (MB)"
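Review bot: the two new help lines do not name their arguments, unlike the neighbouring entries that spell out FILE and MOUNTPOINT, so the user cannot tell from the usage text that the key comes first and the image second. Something like "bury hide a tomb KEY inside a jpeg IMAGE" would match the manpage. The articles are also off: "an jpeg image" should be "a jpeg image" and "an hidden tomb key" should be "a hidden tomb key".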
@ -1016,8 +1017,8 @@ case "$CMD" in
unmount) check_priv ; umount_tomb ${CMD2} ;; unmount) check_priv ; umount_tomb ${CMD2} ;;
close) check_priv ; umount_tomb ${CMD2} ;; close) check_priv ; umount_tomb ${CMD2} ;;
encode) encode_key ${CMD2} ${CMD3} ;; bury) encode_key ${CMD2} ${CMD3} ;;
decode) decode_key ${CMD2} ;; exhume) decode_key ${CMD2} ;;
install) check_priv ; install_tomb ;; install) check_priv ; install_tomb ;;
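Review bot: the exhume) branch passes only ${CMD2} to decode_key, while bury) passes ${CMD2} ${CMD3} and the manpage updated in this same commit documents exhume as taking a key name (first argument) and an image (second argument). Either pass ${CMD3} through as well or correct the manpage so the two agree. The old names encode and decode are removed outright, so existing scripts that call them will no longer match these branches; consider keeping them as aliases for one release.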