Last Build Date: Wed, 20 Oct 2004 11:51:21 -0000
Wed, 20 Oct 2004 11:51:21 -0000
A patched source rpm of util-linux has been released, which supports either kerneli (2.4.x) or 2.5/2.6 cryptoloops with on-disk format compatibility. This SRPM builds on RedHat 7.3, 8, 9 & Fedora Core 1, and permits the use of either 2.4 or 2.6 cryptoloops with Qryptix (more details in the Release Notes).
Wed, 28 Apr 2004 10:15:25 -0000
This release has a few feature enhancements:
1. The salt string that is stored with each key (and used for passphrase hashing) has been increased to 48 bits. This makes pre-computed dictionary attacks prohibitively expensive. Existing users of previous versions, with 24-bit salt, can upgrade to this version and their earlier keyfiles will continue to work as before. At the next change of keys, the salt will automatically be increased to 48 bits.
2. If openssh-server (sshd) is installed, it now allows remote logins using ssh. Multiple simultaneous ssh sessions into a single cryptoloop-encrypted home directory are now possible (the directory is unmounted when the session count goes to zero).
Other minor code and build cleanups have been done. As always, patches, bug-reports and suggestions are welcome.
Wed, 31 Mar 2004 12:17:38 -0000
This release is a minor bugfix and code-cleanup release (no additional features have been added). The main addition is a mini-HOWTO that provides instructions for installation on RedHat 6.2, and it now cleanly builds a source rpm for RedHat 6.2 from the tarball.
Existing users of the previous release do not need to upgrade. As always, patches, bug-reports and suggestions are welcome.
Mon, 23 Feb 2004 07:36:20 -0000
This release (Qryptix-0.2.0) contains feature-enhancements. All the key-management utilities have been combined into a single binary (qryptix) with command-line switches. The PAM object (pam_losetup.so) now supports multi-stage (iterative) cryptoloops - this allows algorithms such as 2AES, 3AES, etc., which are not natively supported by the kerneli CryptoAPI, to be synthesized in userland.
Some minor build and file-locking bugs have been fixed. There is no change in the format of the keyfile or the key hashing, so all earlier keyfiles and filesystems should work unchanged. If there's any breakage, drop me a note. As always, comments, patches, etc. are welcome.
Fri, 23 Jan 2004 08:11:37 -0000
This release (0.1b) has no additional features from release 0.1a, but the build has been restructured and a specfile has been added to generate a .srpm/.rpm for rpm-based distros. INSTALL has also been updated. Some files have been shuffled around. If release 0.1a works for you, there's no need to upgrade to this release.
The specfile should be OK for RH 7.x, 8.0 and 9.0 - if there's any breakage, drop me a note.
Tue, 23 Dec 2003 11:27:13 -0000
This is mainly an bugfix release for Qryptix-0.1. The main change is that all the /home/qryptix redirection login kludgery has been thrown out, simplifying the install & login. The home directory in /etc/passwd is now the same as the encrypted home directory. Look at the ChangeLog and INSTALL for details.
As always, comments, suggestions, patches, etc. are welcome.
Mon, 14 Jul 2003 10:38:38 -0000
As the title says, Qryptix-0.1 has been released. This is a PAM object, some utilities for managing keys stored in keyfiles, and a library for acessing keyfiles. It facilitates the use of Loop-Crypto filesystems as home directories (Loop-AES should also work, but I haven't tested it).
This is an alpha release with minimal documentation - there's a faq and a readme in the tarball, but no man pages or detailed explanation yet.
You'll need a Redhat 7.x installation, and a recent kernel (2.4.18+) with the international kernel patch & the loop-jari patch and a patched version of util-linux to support loop-crypto filesystems. Other prereqs include OpenSSL, PAM and libcrypt. It's been tested on RedHat 7.3.
If there are any difficulties, please post on the forum(s) or drop me an e-mail. I'll eventually get to it.