chiark / gitweb / New script for doing stuff with public keys.
[distorted-keys] / debian / control
1Source: distorted-keys
2Section: utils
3Priority: optional
4Maintainer: Mark Wooding <>
5Build-Depends: python (>= 2.5), debhelper (>= 8.1.2)
6Standards-Version: 3.1.1
8Package: distorted-keys
9Architecture: all
10Depends: python (>= 2.5), userv, openssl (>= 0.9.8o), adduser
125f634c 11Recommends: gnupg, claim-dir
12Suggests: seccure, texlive-latex-recommended, qrencode
13Description: Basic key-management system with secure recovery features.
14 The primary purpose of the key management system is
15 to provide a secure way of recovering important cryptographic keys,
16 e.g., keys for decrypting backup volumes, in the event of a disaster.
17 .
18 Because it was technically fairly easy, given this infrastructure, the
19 system also allows users to generate and use their own keys, without
20 revealing the actual key data, on the theory that, what a user program
21 doesn't know, it can't leak.
22 .
23 This system doesn't actually do very much cryptography itself. Instead,
24 it uses other existing implementations, such as GnuPG, OpenSSL, and
25 Seccure.
27Package: claim-dir
28Architecture: all
29Depends: userv
30Recommends: cryptsetup, dmsetup
31Description: Allow users to claim directories on file systems
32 Machines sometimes have storage devices with useful special properties --
33 such as high performance, or secure erasure on power failure. Rather than
34 set the root of such a filesystem world-writable and sticky, thereby making
35 another filesystem as hard to use safely as `/tmp', `claim-dir' lets users
36 claim directories on such filesystems via `userv'. A newly claimed
37 directory is named after the calling user, and created readable and writable
38 only by the calling user -- so he or she can relax the permissions later if
39 necessary.
40 .
41 A script `mount-ephemeral' is included which allows the construction of an
42 ephemeral filesystem -- one which is backed by normal storage (typically in
43 `/tmp'), but encrypted using a temporary key which will be lost at reboot.
44 This script can be used to build a safe place for the storage of
45 temporary secrets.