mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-11-30 00:33:59 +00:00
b521e32110
tomb shell command doesn't depends from X, all GUI notifications are moved into tomb-open including USB key handling, gksu has been dropped completely as a method to gain privileges, there is a new -n flag to avoid processing hooks, variable names have been sanitized, duplicate code eliminated, documentation has been updated and the code cleaned up we are very close to the 1.0 now
165 lines
5.2 KiB
Groff
165 lines
5.2 KiB
Groff
.TH tomb 1 "February 12, 2011" "tomb"
|
|
|
|
.SH NAME
|
|
Tomb \- the Crypto Undertaker
|
|
|
|
.SH SYNOPSIS
|
|
.B
|
|
.IP "tomb [options] command [arguments]"
|
|
.B
|
|
.IP "tomb-open [file]"
|
|
.B
|
|
.IP "tomb-status mountpoint"
|
|
.B
|
|
.IP "tomb-askpass [file]"
|
|
|
|
.SH DESCRIPTION
|
|
|
|
Tomb is an application to manage the creation and access of encrypted
|
|
storage files: it can be operated from commandline, it integrates with
|
|
desktop managers and offers a simple graphical interface to facilitate
|
|
its operation by desktop users.
|
|
|
|
Tomb generates encrypted storage files to be opened and closed using
|
|
their associated keyfiles, which are also protected with a password
|
|
chosen by the user.
|
|
|
|
A tomb is like a locked folder that can be safely transported and
|
|
hidden in a filesystem; it encourages users to keep their keys
|
|
separate from tombs, for instance keeping a tomb file on your computer
|
|
harddisk and its key file on a USB stick.
|
|
|
|
For simplified use, the command \fItomb-open\fR starts a wizard that
|
|
guides users in the creation of a new tomb or, if an \fIargument\fR is
|
|
specified, opens a the tomb file pointed by it and makes it accessible
|
|
in a default location under the /media folder, starting the status
|
|
tray icon if a desktop is present.
|
|
|
|
The other commands \fItomb-status\fR and \fItomb-askpass\fR are for
|
|
internal use (they are called by tomb with the right arguments) and
|
|
serve the purpose of communicating with the user via the graphical
|
|
interface.
|
|
|
|
|
|
.SH COMMANDS
|
|
|
|
.B
|
|
.IP "create"
|
|
Creates a new encrypted storage tomb and its key, named as specified
|
|
by the given \fIargument\fR.
|
|
|
|
.B
|
|
.IP "open"
|
|
Opens an existing tomb file specified in the \fIfirst argument\fR. If
|
|
a \fIsecond argument\fR is given it will indicate the \fImountpoint\fR
|
|
where the tomb should be made accessible, if not then the tomb is
|
|
mounted in a directory named after the filename and inside /media.
|
|
|
|
.B
|
|
.IP "close"
|
|
Closes a currently open tomb. When \fIan argument\fR is specified, it
|
|
should point to the tomb mount on /dev/mapper; if not specified and
|
|
only one tomb is open then it will be closed; if multiple tombs are
|
|
open, the command will list them on the terminal. The special
|
|
\fIargument\fR 'all' will close all currently open tombs.
|
|
|
|
.B
|
|
.IP "bury"
|
|
Hides a tomb key (\fIfirst argument\fR) inside a jpeg image (\fIsecond
|
|
argument\fR) using steganography: the image will change in a way that
|
|
cannot be noticed by human eyes and the presence of the key inside it
|
|
isn't detectable without the right password. This option is useful to
|
|
backup tomb keys in unsuspected places; it uses steghide and the
|
|
serpent encryption algorithm.
|
|
|
|
.B
|
|
.IP "exhume"
|
|
Extracts a named tomb key (\fIfirst argument\fR) from a (jpeg) image file
|
|
(\fIsecond argument\fR) known to be containing it, if the right password is
|
|
given. This is used to recoved buried keys from unsuspected places.
|
|
|
|
.SH OPTIONS
|
|
.B
|
|
.B
|
|
.IP "-s \fI<MBytes>\fR"
|
|
When creating a tomb, this option must be used to specify the size of
|
|
the new \fIfile\fR to be created, in megabytes.
|
|
.B
|
|
.IP "-k \fI<keyfile>\fR"
|
|
When opening a tomb, this option can be used to specify the location
|
|
of the key to use. Keys are created with the same name of the tomb
|
|
file adding a '.gpg' suffix, but can be later renamed and transported
|
|
on other media. When a key is not found, the program asks to insert a
|
|
USB storage device and it will look for the key file inside it.
|
|
.B
|
|
.IP "-n"
|
|
Skip processing of post-hooks and bind-hooks if found inside the tomb.
|
|
See the \fIHOOKS\fR section in this manual for more information.
|
|
.B
|
|
.IP "-h"
|
|
Display a help text and quit
|
|
.B
|
|
.IP "-v"
|
|
Display version and quit
|
|
.B
|
|
.IP "-q"
|
|
Run more quietly
|
|
.IP "-D"
|
|
Print more information while running, for debugging purposes
|
|
|
|
.SH PRIVILEGE ESCALATION
|
|
|
|
The tomb commandline tool needs to acquire super user rights to
|
|
execute most of its operations.
|
|
|
|
Once the rights are acquired Tomb executes as root only those commands
|
|
requiring it, while it executes desktop applications as the user.
|
|
|
|
The escalation to super user privileges is triggered automatically by
|
|
calling 'gksu' or 'sudo' commands.
|
|
|
|
|
|
.SH BUGS
|
|
Please report bugs on the tracker at http://bugs.dyne.org
|
|
|
|
Get in touch with developers via mail using this web page
|
|
http://dyne.org/contact or via chat on http://irc.dyne.org
|
|
|
|
.SH AUTHORS
|
|
|
|
Tomb is designed and written by Denis Roio aka Jaromil.
|
|
|
|
Tomb's artwork is contributed by Jordi aka Mon Mort
|
|
|
|
Testing and fixes are contributed by Dreamer and Hellekin O. Wolf
|
|
|
|
Cryptsetup is developed by Christophe Saout and Clemens Fruhwirth
|
|
|
|
.SH COPYING
|
|
|
|
This manual is Copyleft (c) 2011 Denis Roio <\fIjaromil@dyne.org\fR>
|
|
|
|
Permission is granted to copy, distribute and/or modify this manual
|
|
under the terms of the GNU Free Documentation License, Version 1.1 or
|
|
any later version published by the Free Software Foundation.
|
|
Permission is granted to make and distribute verbatim copies of this
|
|
manual page provided the above copyright notice and this permission
|
|
notice are preserved on all copies.
|
|
|
|
.SH AVAILABILITY
|
|
|
|
The most recent version of Tomb sourcecode and up to date
|
|
documentation is available for download from its website on
|
|
\fIhttp://tomb.dyne.org\fR.
|
|
|
|
.SH SEE ALSO
|
|
|
|
.B
|
|
.IP cryptsetup(8)
|
|
|
|
GnuPG website on http://www.gnupg.org
|
|
|
|
DM-Crypt website on http://www.saout.de/misc/dm-crypt
|
|
|
|
LUKS website, http://code.google.com/p/cryptsetup
|