4 Maintainer: Mark Wooding <mdw@distorted.org.uk>
5 Build-Depends: python (>= 2.5), debhelper (>= 8.1.2)
6 Standards-Version: 3.1.1
8 Package: distorted-keys
10 Depends: python (>= 2.5), userv, openssl (>= 0.9.8o), adduser
12 Suggests: seccure, texlive-latex-recommended, qrencode
13 Description: Basic key-management system with secure recovery features.
14 The primary purpose of the distorted.org.uk key management system is
15 to provide a secure way of recovering important cryptographic keys,
16 e.g., keys for decrypting backup volumes, in the event of a disaster.
18 Because it was technically fairly easy, given this infrastructure, the
19 system also allows users to generate and use their own keys, without
20 revealing the actual key data, on the theory that, what a user program
21 doesn't know, it can't leak.
23 This system doesn't actually do very much cryptography itself. Instead,
24 it uses other existing implementations, such as GnuPG, OpenSSL, and
30 Recommends: cryptsetup, dmsetup
31 Description: Allow users to claim directories on file systems
32 Machines sometimes have storage devices with useful special properties --
33 such as high performance, or secure erasure on power failure. Rather than
34 set the root of such a filesystem world-writable and sticky, thereby making
35 another filesystem as hard to use safely as `/tmp', `claim-dir' lets users
36 claim directories on such filesystems via `userv'. A newly claimed
37 directory is named after the calling user, and created readable and writable
38 only by the calling user -- so he or she can relax the permissions later if
41 A script `mount-ephemeral' is included which allows the construction of an
42 ephemeral filesystem -- one which is backed by normal storage (typically in
43 `/tmp'), but encrypted using a temporary key which will be lost at reboot.
44 This script can be used to build a safe place for the storage of
~mdw / distorted-keys / blob