Commit | Line | Data |
---|---|---|
247f344a MW |
1 | Source: udpkey |
2 | Section: utils | |
3 | Priority: extra | |
4 | Maintainer: Mark Wooding <mdw@distorted.org.uk> | |
92469bdf | 5 | Build-Depends: catacomb-dev (>= 2.1.4), mlib-dev (>= 2.2.1~pre), debhelper (>= 8) |
247f344a MW |
6 | Standards-Version: 3.1.1 |
7 | ||
8 | Package: udpkey | |
9 | Architecture: any | |
10 | Depends: ${shlibs:Depends} | |
11 | Recommends: catacomb-bin | |
12 | Suggests: cryptsetup | |
13 | Description: Fetch or serve cryptographic keys over a network. | |
14 | The udpkey program can fetch key data from remote servers using a simple | |
15 | UDP-baed cryptographic protocol; or can can run as a server, providing key | |
16 | material on request to authorized clients. | |
17 | . | |
18 | When running as a client, the program fetches key fragments from multiple | |
19 | sources, combining them together. It can read key fragments from local | |
20 | files or request them from servers. Key data can be split among many | |
21 | servers for increased security, and individual fragments can be held on and | |
22 | requested from multiple servers for increased availability. | |
23 | . | |
24 | The client can be run in early userland, e.g., in initramfs, to obtain key | |
25 | material for decrypting a server's disks. | |
26 | . | |
27 | When running as a server, the program responds to requests, verifying that | |
28 | the client is authorized, and encrypting the requested key fragment with the | |
29 | appropriate client-specific public key. |