~mdw / udpkey / blame
| Commit | Line | Data |
|---|---|---|
| 247f344a MW |
1 | Source: udpkey |
| 2 | Section: utils | |
| 3 | Priority: extra | |
| 4 | Maintainer: Mark Wooding <mdw@distorted.org.uk> | |
| a5f873be | 5 | Build-Depends: catacomb-dev (>= 2.1.4), mlib-dev (>= 2.1.0), debhelper (>= 8) |
| 247f344a MW |
6 | Standards-Version: 3.1.1 |
| 7 | ||
| 8 | Package: udpkey | |
| 9 | Architecture: any | |
| 10 | Depends: ${shlibs:Depends} | |
| 11 | Recommends: catacomb-bin | |
| 12 | Suggests: cryptsetup | |
| 13 | Description: Fetch or serve cryptographic keys over a network. | |
| 14 | The udpkey program can fetch key data from remote servers using a simple | |
| 15 | UDP-baed cryptographic protocol; or can can run as a server, providing key | |
| 16 | material on request to authorized clients. | |
| 17 | . | |
| 18 | When running as a client, the program fetches key fragments from multiple | |
| 19 | sources, combining them together. It can read key fragments from local | |
| 20 | files or request them from servers. Key data can be split among many | |
| 21 | servers for increased security, and individual fragments can be held on and | |
| 22 | requested from multiple servers for increased availability. | |
| 23 | . | |
| 24 | The client can be run in early userland, e.g., in initramfs, to obtain key | |
| 25 | material for decrypting a server's disks. | |
| 26 | . | |
| 27 | When running as a server, the program responds to requests, verifying that | |
| 28 | the client is authorized, and encrypting the requested key fragment with the | |
| 29 | appropriate client-specific public key. |