[pass] ctmg: bash script for secure encrypted containers

[Jason A. Donenfeld]

2016-03-01 16:49 GMT+01:00 Micha Rosenbaum <micha at rosetree.de>:
> Thanks for sharing, Jason!
> I like the really simple interface and enjoyed learning new things from
> the ctmg.sh source code. However I found some minor issues I could
> improve (patches are attached to this email).

Glad you like it!

> One thing I miss is updating a containers passphrase, although there is
> a rather simple workaround:
>     $ ctmg create new 42MiB
>     $ ctmg open new
>     $ ctmg open old
>     $ mv old/* old/.* new
>     $ ctmg close old
>     $ ctmg delete old
> The same solution could be used to change a containers size.

For changing the passphrase, while not in use:

$ cryptsetup luksChangeKey /path/to/container.ct

For changing the size, you can just increase the size of the container
and then use resize2fs on the plaintext file system.

> Thank you again, for this simple solution. Since TrueCrypt died, I
> wanted to learn how to use LUKS; but procrastinated. ctmg helps my
> with this.

> Subject: [PATCH] Fix small issues in README
> * Fix typo: "cryptsetup" instead of "cryptseup"
> * Consistently use `cmtg new`
>   (instead of sometimes `new` and sometimes `create`)
> * Remove trailing whitespace from copy & paste
> * Change a sentence, that can easily be misinterpreted

Merged.

> Subject: [PATCH] Use $* instead of $@ in echo
> This resolves an shellcheck issue with `ctmg.sh` and makes usage of echo
> more consistent: `die()` already used `$*` but `trace()` didn't.
> See-Also: https://github.com/koalaman/shellcheck/wiki/SC2145
>   "SC2145: Argument mixes string and array. Use * or separate argument."
> Use `$ shellcheck ctmg.sh` or http://www.shellcheck.net/ to check.

Also merged. I forgot about shellcheck -- good thinking.