| 1 | Source: udpkey |
| 2 | Section: utils |
| 3 | Priority: extra |
| 4 | Maintainer: Mark Wooding <mdw@distorted.org.uk> |
| 5 | Build-Depends: catacomb-dev (>= 2.1.4), mlib-dev (>= 2.2.1~pre), debhelper (>= 8) |
| 6 | Standards-Version: 3.1.1 |
| 7 | |
| 8 | Package: udpkey |
| 9 | Architecture: any |
| 10 | Depends: ${shlibs:Depends} |
| 11 | Recommends: catacomb-bin |
| 12 | Suggests: cryptsetup |
| 13 | Description: Fetch or serve cryptographic keys over a network. |
| 14 | The udpkey program can fetch key data from remote servers using a simple |
| 15 | UDP-baed cryptographic protocol; or can can run as a server, providing key |
| 16 | material on request to authorized clients. |
| 17 | . |
| 18 | When running as a client, the program fetches key fragments from multiple |
| 19 | sources, combining them together. It can read key fragments from local |
| 20 | files or request them from servers. Key data can be split among many |
| 21 | servers for increased security, and individual fragments can be held on and |
| 22 | requested from multiple servers for increased availability. |
| 23 | . |
| 24 | The client can be run in early userland, e.g., in initramfs, to obtain key |
| 25 | material for decrypting a server's disks. |
| 26 | . |
| 27 | When running as a server, the program responds to requests, verifying that |
| 28 | the client is authorized, and encrypting the requested key fragment with the |
| 29 | appropriate client-specific public key. |