[pass] ctmg: bash script for secure encrypted containers

Emil Lundberg lundberg.emil at gmail.com
Wed Mar 9 15:42:23 CET 2016 

Looks pretty cool! Although it seems to me like your goals are very similar
to those of Tomb [1][2], another shell script frontend for cryptsetup/LUKS.
Just out of curiosity, did you know about it? If so, is there something in
particular that ctmg does better - other than being *much* smaller, of
course :) - or something in particular you don't like about Tomb?

[1]: https://www.dyne.org/software/tomb/

[2]: https://github.com/dyne/Tomb
/Emil

On Wed, 2 Mar 2016, 10:29 Jason A. Donenfeld, <Jason at zx2c4.com> wrote:

> 2016-03-01 16:49 GMT+01:00 Micha Rosenbaum <micha at rosetree.de>:
> > Thanks for sharing, Jason!
> > I like the really simple interface and enjoyed learning new things from
> > the ctmg.sh source code. However I found some minor issues I could
> > improve (patches are attached to this email).
>
> Glad you like it!
>
> > One thing I miss is updating a containers passphrase, although there is
> > a rather simple workaround:
> >     $ ctmg create new 42MiB
> >     $ ctmg open new
> >     $ ctmg open old
> >     $ mv old/* old/.* new
> >     $ ctmg close old
> >     $ ctmg delete old
> > The same solution could be used to change a containers size.
>
> For changing the passphrase, while not in use:
>
> $ cryptsetup luksChangeKey /path/to/container.ct
>
> For changing the size, you can just increase the size of the container
> and then use resize2fs on the plaintext file system.
>
> > Thank you again, for this simple solution. Since TrueCrypt died, I
> > wanted to learn how to use LUKS; but procrastinated. ctmg helps my
> > with this.
>
> > Subject: [PATCH] Fix small issues in README
> > * Fix typo: "cryptsetup" instead of "cryptseup"
> > * Consistently use `cmtg new`
> >   (instead of sometimes `new` and sometimes `create`)
> > * Remove trailing whitespace from copy & paste
> > * Change a sentence, that can easily be misinterpreted
>
> Merged.
>
> > Subject: [PATCH] Use $* instead of $@ in echo
> > This resolves an shellcheck issue with `ctmg.sh` and makes usage of echo
> > more consistent: `die()` already used `$*` but `trace()` didn't.
> > See-Also: https://github.com/koalaman/shellcheck/wiki/SC2145
> >   "SC2145: Argument mixes string and array. Use * or separate argument."
> > Use `$ shellcheck ctmg.sh` or http://www.shellcheck.net/ to check.
>
> Also merged. I forgot about shellcheck -- good thinking.
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> http://lists.zx2c4.com/mailman/listinfo/password-store
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20160309/9e746975/attachment.html>

More information about the Password-Store mailing list