Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: cryptctl | Distribution: SUSE Linux Enterprise 15 |
Version: 2.4 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 4.5.1 | Build date: Thu Jun 17 13:02:10 2021 |
Group: System/Management | Build host: sheep25 |
Size: 8407999 | Source RPM: cryptctl-2.4-4.5.1.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://www.suse.com/products/sles-for-sap | |
Summary: A utility for setting up LUKS-based disk encryption |
A disk encryption utility that helps setting up LUKS-based disk encryption using randomly generated keys, and keep all keys on a dedicated key server.
GPL-3.0
* Fri Jun 11 2021 varkoly@suse.com - Update to version 2.4: * (bsc#1186226) - (CVE-2019-18906) client side password hashing is equivalent to clear text password storage * Fix authentication on all places. * Fix sysconfig variable name. * First step to use plain text password instead of hashed password. * Move repository into the SUSE github organization * decorate readme with more usage instructions * in RPC server, if client comes from localhost, remember its ipv4 localhost address instead of ipv6 address * Test clear expired commands in TestDB_UpdateSeenFlag * tell a record to clear expired pending commands upon saving a command result; introduce pending commands RPC test case * avoid hard coding 127.0.0.1 in host ID of alive message test; let system administrator mount and unmount disks by issuing these two commands on key server. * Thu Nov 23 2017 rbrown@suse.com - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) * Mon Oct 23 2017 hguo@suse.com - Add previously missing systemd service cryptctl-client.service into RPM content, continue with bsc#1056082. * Mon Aug 28 2017 hguo@suse.com - Upgrade to upstream release 2.3 that brings a new feature to allow system administrators to issue mount/umount commands to client computers via key server. (bsc#1056082) * Wed Jun 07 2017 hguo@suse.com - Upgrade to upstream release 2.2 that brings important enhancements in effort of implementing fate#322979: * System administrator may now optionally turn off TLS certificate verification on KMIP server. Note that, certificate verification is enforced by default. * Improve handling of boolean answers from interactive command line. * Improve error handling in KMIP client. * Thu Jun 01 2017 hguo@suse.com - Upgrade to upstream release 2.1 that brings important enhancements in effort of implementing fate#322979: * Improve KMIP compatibility with key prefix names and proper serialisation of authentication header. * Fail over KMIP connection using a server list. * Destroy key on KMIP after its tracking record is erased from DB. * Thu May 11 2017 hguo@suse.com - Upgrade to upstream release 2.0 that brings a protocol evolution together with several new features: * Optionally utilise an external KMIP-v1.3 compatible service to store actual encryption key. * Optionally verify client identity before serving its key requests. * Password is hashed before transmitting over TLS-secured channel. * Fix an issue that previously allowed a malicious administrator to craft RPC request to overwrite files outside of key database. Implemented accordint to fate#322979 and fate#322293. * Fri Apr 28 2017 hguo@suse.com - Upgrade to 1.99pre that introduces a library for decoding, encoding, and serialisation operations of KMIP v1.3 for fate#322979. * Wed Nov 16 2016 hguo@suse.com - Upgrade to 1.2.6 for accumulated bug fixes (bsc#1006219): * Prevent user from attempting to encrypt a disk with mounted partitions, or an existing encrypted+opened disk. * Ensure CA path input is an absolute path. * Fix two mistakes in handling of timeout input. * Fix minor formatting issue in manual page. * Suppress consecutive failure messages in the journal of ReportAlive and AutoOnlineUnlockFS routines. * Fri Sep 16 2016 hguo@suse.com - Implement mandatory enhancements: * Do not allow encrypting a remote file system. * Implement command for erasing an encrypted file system. - Bump version to 1.2.5 for fate#320367. * Fri Sep 02 2016 hguo@suse.com - Implement mandatory enhancements: * Make workflow across all sub-commands consistent in invocation style. * Implement auto-unlocking of encrypted disks. * Show key record usage and details on demand. - Bump version to 1.2.4 for fate#320367. * Thu Aug 18 2016 hguo@suse.com - Implement mandatory enhancements: * Remove necessity for a backup directory to be involved for encryption routine. * Optimise certificate generation prompts. * Remove unused error messages and fix several of their typos. * Remove unnecessary safety checks. * Make the encryption routine work with btrfs and LVM. - Bump version to 1.2.3 fate#320367. * Wed Aug 03 2016 hguo@suse.com - Upon request, generate a self-signed TLS certificate for experimental purposes. - Bump version to 1.2.2 fate#320367. * Mon Aug 01 2016 hguo@suse.com - Implement mandatory features: * Encrypt empty directory skips backup steps. * Explain key revocation and TLS mechanisms in manual page. - Bump version to 1.2.1 fate#320367. * Mon Jul 11 2016 hguo@suse.com - Implement mandatory features: * List and edit key records * Unlock file system via key record file * Use custom options to mount unlocked file system Enhance usability: * Make encryption procedure's pre-check more thorough * Improve overall command prompts - Bump version to 1.2 fate#320367. * Fri Jul 01 2016 hguo@suse.com - A preview version with most of the desired functions implemented: * Key database * Key RPC server * Client encryption and decryption routines Bump version to 1.1 fate#320367. * Wed Jun 08 2016 hguo@suse.com - First version, only to help with building ISOs. Implement fate#320367.
/etc/cryptctl /etc/cryptctl/servertls /usr/lib/systemd/system/cryptctl-auto-unlock@.service /usr/lib/systemd/system/cryptctl-client.service /usr/lib/systemd/system/cryptctl-server.service /usr/lib/udev/rules.d/99-cryptctl-auto-unlock.rules /usr/sbin/cryptctl /usr/sbin/rccryptctl-server /usr/share/doc/packages/cryptctl /usr/share/doc/packages/cryptctl/LICENSE /usr/share/fillup-templates/sysconfig.cryptctl-client /usr/share/fillup-templates/sysconfig.cryptctl-server /usr/share/man/man8/cryptctl.8.gz /var/lib/cryptctl
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 20:06:21 2024