X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/distorted-keys/blobdiff_plain/f012ad83100add4822bfa4e7017673beae6ebf17..865fc4a1c4add30fbf1b6ab9569682d82e8da7c9:/debian/control diff --git a/debian/control b/debian/control index 1de815e..5b48960 100644 --- a/debian/control +++ b/debian/control @@ -5,11 +5,22 @@ Maintainer: Mark Wooding Build-Depends: python (>= 2.5), debhelper (>= 8.1.2) Standards-Version: 3.1.1 +Package: distorted-keys-base +Architecture: all +Depends: openssl (>= 0.9.8o) +Recommends: gnupg, claim-dir +Suggests: seccure +Description: Underlying machinery for distorted.org.uk key-management system. + This package contains the libraries and key-type definitions for the + distorted.org.uk key-management system. It also contains a script suitable + for doing public-key operations without any of the `userv' machinery + required by the full system. It might therefore be useful to install this + package on satellite systems, even if they don't have the full system. + Package: distorted-keys Architecture: all -Depends: python (>= 2.5), userv, openssl (>= 0.9.8o), adduser -Recommends: gnupg -Suggests: seccure, texlive-latex-recommended, qrencode +Depends: distorted-keys-base, python (>= 2.5), userv, adduser, qrencode +Suggests: texlive-latex-recommended Description: Basic key-management system with secure recovery features. The primary purpose of the distorted.org.uk key management system is to provide a secure way of recovering important cryptographic keys, @@ -23,3 +34,23 @@ Description: Basic key-management system with secure recovery features. This system doesn't actually do very much cryptography itself. Instead, it uses other existing implementations, such as GnuPG, OpenSSL, and Seccure. + +Package: claim-dir +Architecture: all +Depends: userv +Recommends: cryptsetup, dmsetup +Description: Allow users to claim directories on file systems + Machines sometimes have storage devices with useful special properties -- + such as high performance, or secure erasure on power failure. Rather than + set the root of such a filesystem world-writable and sticky, thereby making + another filesystem as hard to use safely as `/tmp', `claim-dir' lets users + claim directories on such filesystems via `userv'. A newly claimed + directory is named after the calling user, and created readable and writable + only by the calling user -- so he or she can relax the permissions later if + necessary. + . + A script `mount-ephemeral' is included which allows the construction of an + ephemeral filesystem -- one which is backed by normal storage (typically in + `/tmp'), but encrypted using a temporary key which will be lost at reboot. + This script can be used to build a safe place for the storage of + temporary secrets.