Source: distorted-keys Section: utils Priority: optional Maintainer: Mark Wooding Build-Depends: python (>= 2.5), debhelper (>= 8.1.2) Standards-Version: 3.1.1 Package: distorted-keys Architecture: all Depends: python (>= 2.5), userv, openssl (>= 0.9.8o), adduser Recommends: gnupg, claim-dir Suggests: seccure, texlive-latex-recommended, qrencode Description: Basic key-management system with secure recovery features. The primary purpose of the distorted.org.uk key management system is to provide a secure way of recovering important cryptographic keys, e.g., keys for decrypting backup volumes, in the event of a disaster. . Because it was technically fairly easy, given this infrastructure, the system also allows users to generate and use their own keys, without revealing the actual key data, on the theory that, what a user program doesn't know, it can't leak. . This system doesn't actually do very much cryptography itself. Instead, it uses other existing implementations, such as GnuPG, OpenSSL, and Seccure. Package: claim-dir Architecture: all Depends: userv Recommends: cryptsetup, dmsetup Description: Allow users to claim directories on file systems Machines sometimes have storage devices with useful special properties -- such as high performance, or secure erasure on power failure. Rather than set the root of such a filesystem world-writable and sticky, thereby making another filesystem as hard to use safely as `/tmp', `claim-dir' lets users claim directories on such filesystems via `userv'. A newly claimed directory is named after the calling user, and created readable and writable only by the calling user -- so he or she can relax the permissions later if necessary. . A script `mount-ephemeral' is included which allows the construction of an ephemeral filesystem -- one which is backed by normal storage (typically in `/tmp'), but encrypted using a temporary key which will be lost at reboot. This script can be used to build a safe place for the storage of temporary secrets.